[CentOS] Security: should I be concerned?

William L. Maltby BillsCentOS at triad.rr.com
Wed Oct 12 13:20:15 UTC 2005


Two things have been weighing on my mind regarding security issues.

The first is that when I downloaded the CentOS 4.1 ISO images, I could
not get the sums to match even using different downloads from different
mirrors. I decided that that I was doing something wrong and decided to
trust the images. So far no regrets. But I am concerned that I get it
right the next time. I thought I had read everything carefully and I
also had a small amount of experience with them in the past. Decided
eventually maybe they just hadn't been updated (this was about a month
or so ago, IIRC?).

Can one post the command used to gen the numbers so I can use the
correct parameters next time?

TIA

My second concern is with security update announcements. For all the
announcers but one (IIRC) I get "Invalid signature" displayed (using
Evolution). I would ask "Should I be concerned?", but the answer is
self-evident in security circles. So instead, I'll ask if this is
acceptable in the official CentOS and I can continue to rely on their
stuff in their opinion.

Again, TIA

And, please, no comments on the irony inherent in this. We don't want to
be un-subscribed, otherwise castigated or fan the flames of possible
list moderation. I know "the powers that be" will appreciate our
cooperation.

Last TIA

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20051012/52967d3a/attachment.bin


More information about the CentOS mailing list