On Tue, Jul 08, 2008 at 11:33:24AM -0700, Florin Andrei wrote: > Johnny Hughes wrote: >> >> Client filtering is not recommended by some people ... but highly >> recommended by others :-D > > It's a good idea on important systems - but then you shouldn't open > those machines to outside repositories anyway. > > But if you don't do client-side filtering, you're helping the > repositories to fix their problems and become cleaner. Everyone benefits > in the long run. > > There is no "one true answer to rule them all" in this case. Use > client-side filtering on the machines that must not break under any > circumstances. Relax the policy in the other cases. Use common sense. Just to present an example from Fedora: clamav within Fedora was and is considered rather cumbersome packaged and many users turn to 3rd party repos to get clamav installed. If you place a filtering upon them, then some clamav subpackages will come from the 3rd party repo and some from Fedora base leading to a system that will possibly allow viruses to pass by. So actually the filtering will be destabilizing your setup instead of protecting them. The true answer to this is cooperating/merged repos and we're targeting this on rpmrepo.org. Join up and be part of the solution :) -- Axel.Thimm at ATrpms.net