Hello! On 08/22/2016 10:58 PM, rai...@ultra-secure.de wrote: > > nginx doesn't provide an auto-update mechanism that stupidly downloads > and accepts all and everything somebody makes available under some > spoofed address.
You can use PGP key[1] to verified the binary was correct or "injected" or "spoofed". Anyway, nginx support auto-update mechanism using repositories. [2] [1] http://nginx.org/en/pgp_keys.html [2] http://nginx.org/en/linux_packages.html > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx
signature.asc
Description: OpenPGP digital signature
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
