Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-6320

Comment on: "manual/tutorial/install-mongodb-on-red-hat.txt"

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Won't Fix
    • Icon: Major - P3 Major - P3
    • 01112017-cleanup
    • None
    • None

    Description

      The official MongoDB guide suggests that I add a `.repo` with `gpgcheck=0` over HTTP protocol. I'm getting the feeling that this is a very insecure setup - I am worried about exposing myself to MiTM attacks this way everytime I try to update my system within an untrusted network. Is this actually possible or are there any security mechanisms that I'm not aware of that would protect me from that? If not, is there any way to make this `.repo` setup more secure without relying on my OS's old packages or compiling the program from scratch?

      Attachments

        Activity

          People

            kay.kim@mongodb.com Kay Kim (Inactive)
            xgen-internal-docs Docs Collector User (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              7 years, 29 weeks ago