[Yum] FW: Cron <root at fondue> run-parts /etc/cron.daily
skvidal at phy.duke.edu
Sun Nov 9 22:18:12 UTC 2003
> Does the message "MD5 Signature check failed" mean just that the package
> checksum is not correct, or that the package is not correctly digitally
it means that the python equiv of rpm -K failed on the md5 checksum.
> If the latter, then I think that using the suggested command is a really
> bad idea, as this will *bypass* this signature checking; if the package
> has been trojaned, the above will happily install the trojan.
Why would it install the package?
rpm -V should check it and -p means check it in a file.
I admit rpm -K is easier, but I'm not sure why the other is dangerous.
> Just because I'm paranoid doesn't mean they're not out to get me....
oh they're out to get you, I asked. They said 'yep, out to get him' :)
More information about the Yum