Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8770

Sign RPM packages available via the 10gen yum repository

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0.8, 3.1.7
    • Component/s: Packaging
    • Labels:
      None
    • Backwards Compatibility:
      Minor Change
    • Backport Completed:
    • Sprint:
      BUILD 2 04/24/15, BUILD 4 06/05/15, Build 5 06/26/16, Build 6 07/17/15, Build 7 08/10/15, Build 8 08/31/15

      Description

      Packages available from 10gen yum repository (and probably all provided packages) should be signed using a GPG/PGP key. It makes it harder to compromise a yum repository (it is not enough to just replace RPM in a repo).

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                26 Vote for this issue
                Watchers:
                23 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: