On Tue, Jul 8, 2008 at 9:50 AM, Johnny Hughes <jhughes at hughesjr.com> wrote: > Axel Thimm wrote: > >> On Mon, Jul 07, 2008 at 04:20:30PM -0600, Kenneth Burgener wrote: >> >>> On 7/7/2008 2:26 PM, Scott Silva wrote: >>> >>>> on 7-7-2008 12:45 PM Kenneth Burgener spake the following: >>>> >>>>> "The CentOS 5/RHEL 5 repository from atrpms.net is safe to use, if you >>>>> only use the stable version. Packages in there do not overwrite system >>>>> packages." [1] >>>>> >>>>> [1] http://wiki.centos.org/AdditionalResources/Repositories/ >>>>> >>>> You need to use the priorities plugin if you are going to use 3rd party >>>> repos. There is no other safe way about it. >>>> >>> >> Using client side filtering is not recommended, it creates more bugs, >> than it can solve. The proper thing is to take care of it on the >> server side, where the package owners are supposed to know how to >> structure the repos. >> > > Client filtering is not recommended by some people ... but highly > recommended by others :-D > > I would be one of the highly recommended votes > If you want to protect your box, use priorities, as Johnny and many others here recommend.. Nobody else is going to protect your box for you. You set the priorities and you protect it. To be polite, I believe the 4 line blurb above, about client side filtering is B.S. It is your box, it is your job to protect your box. Do not trust anyone else to protect your box, whether it is security related or related to repos for packages. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080708/55374394/attachment-0003.html>