I've been thinking about seeing if I can hack a program called AutoRPM so
that it can automagically download and install any updated rpms we
release. This would be good for users who don't have time to follow the
security announcements and update them themselves. It would enhance the
security of Indy somewhat as it would take some of the security concerns
away from the user, most of whom probably don't have time/knowledge to
monitor the security announcements and act upon them.

Obviously I'd have to build some sort of package authentication, so
someone doesn't spoof the machine address and install malicious packages
on the user's computer, but that shouldn't be too hard if I get the program
to search for the Indy PGP key, rather than the RedHat one.

Security issues aside, the inclusion of this program in cron or the ppp
dial up script would enable users to keep up to date with the Indy release,
much as I believe the BSD ports system works. If done correctly, it could
probably also be used to easily and seamlessly upgrade from one release to
the next, but that'd take more time and code.

Any ideas/comments?

David Webster |   cognite.net    | Project Independence Linux, Security:
cog@seul.org  | cogito, ergo sum | http://independence.seul.org/security/
     Our moral progression cannot begin until we have independence
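
Added example, not part of the original message and not AutoRPM code: a shell gate for the package authentication idea above, which installs only when every signature line reported by `rpm -Kv` is OK and names one pinned key ID, so a package validly signed by some other key is still rejected. The key ID is a placeholder, the sample outputs are constructed, and the line format assumed is the one recent rpm versions print.

```shell
#!/bin/sh
# Placeholder, not a real key ID: set this to the distribution's signing key.
PINNED_KEY_ID="0123abcd"

# signer_ok PINNED_ID   (reads the output of `rpm -Kv <package>` on stdin)
# Succeeds only if at least one signature line is present, every signature
# line names PINNED_ID with status OK, and every digest line is OK.
# NOKEY, BAD, a different key ID, or no signature at all means failure.
signer_ok() {
    awk -v want="$1" '
        /Signature, key ID/ {
            seen = 1
            id = $0; sub(/.*key ID /, "", id); sub(/:.*/, "", id)
            if (tolower(id) != tolower(want) || $NF != "OK") bad = 1
        }
        / digest: / && $NF != "OK" { bad = 1 }
        END { exit (seen && !bad) ? 0 : 1 }
    '
}

# Constructed samples in the format `rpm -Kv` prints (not real packages).
GOOD='pkg.rpm:
    Header V4 RSA/SHA256 Signature, key ID 0123abcd: OK
    Header SHA256 digest: OK
    Payload SHA256 digest: OK'
OTHER_KEY='pkg.rpm:
    Header V4 RSA/SHA256 Signature, key ID 89ef4567: OK
    Header SHA256 digest: OK'
NOKEY='pkg.rpm:
    Header V4 RSA/SHA256 Signature, key ID 0123abcd: NOKEY
    Header SHA256 digest: OK'
UNSIGNED='pkg.rpm:
    Header SHA256 digest: OK
    Payload SHA256 digest: OK'

# Demo over the samples. In a cron job the gate would be used as:
#   rpm -Kv "$pkg" | signer_ok "$PINNED_KEY_ID" && rpm -Uvh "$pkg"
for name in GOOD OTHER_KEY NOKEY UNSIGNED; do
    eval "sample=\$$name"
    if printf '%s\n' "$sample" | signer_ok "$PINNED_KEY_ID"; then
        echo "$name: install"
    else
        echo "$name: reject"
    fi
done
```

Short key IDs can collide, so compare the full fingerprint where the tooling exposes it.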