Arch package security

From ArchWiki
Revision as of 23:53, 2 December 2009 by Thebodzio (Talk | contribs) (Init)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Arch package security

The problem appears actually broader than only signing arch linux packages. Properly implemented package signing policy have to consist of two parts. The first is certificates management and the second signatures management.

Currently arch packages are distributed from a set of official repositories, from small independent repositories and downloadable directly in case of some projects.