Pull to refresh

Comments 3

Сегодня прочел список рассылки федоры. Вот какие неточности у вас в статье:

1. Серверы fedora и red hat разные, просто и в те и в те было замечено вторжение.
> It is important to note that the effects of the intrusion on Fedora and
Red Hat are *not* the same. Accordingly, the Fedora package signing key
is not connected to, and is different from, the one used to sign Red Hat
Enterprise Linux packages.

Ключи у них совершенно разные.

2. However, based on our efforts, we have high confidence
that the intruder was not able to capture the passphrase used to secure
the Fedora package signing key. Based on our review to date, the
passphrase was not used during the time of the intrusion on the system
and the passphrase is not stored on any of the Fedora servers.

Тоесть пусть чувак и влез к ним, нагадить он там не сможет, просто потому что паролей он не знает и знать не может.
Ага. А подписанные openssh-пакеты святой дух создал.
UFO landed and left these words here
Only those users with full accounts are able to leave comments. Log in, please.