On Tue, Jul 8, 2008 at 12:42 PM, Axel Thimm <Axel.Thimm at atrpms.net> wrote: > On Tue, Jul 08, 2008 at 11:33:24AM -0700, Florin Andrei wrote: >> Johnny Hughes wrote: >>> >>> Client filtering is not recommended by some people ... but highly >>> recommended by others :-D >> >> It's a good idea on important systems - but then you shouldn't open >> those machines to outside repositories anyway. >> >> But if you don't do client-side filtering, you're helping the >> repositories to fix their problems and become cleaner. Everyone benefits >> in the long run. >> >> There is no "one true answer to rule them all" in this case. Use >> client-side filtering on the machines that must not break under any >> circumstances. Relax the policy in the other cases. Use common sense. > > Just to present an example from Fedora: clamav within Fedora was and > is considered rather cumbersome packaged and many users turn to 3rd > party repos to get clamav installed. > > If you place a filtering upon them, then some clamav subpackages will > come from the 3rd party repo and some from Fedora base leading to a > system that will possibly allow viruses to pass by. So actually the > filtering will be destabilizing your setup instead of protecting them. > > The true answer to this is cooperating/merged repos and we're > targeting this on rpmrepo.org. Join up and be part of the solution :) You might want to make some of the mailling lists public for people to join up on :). -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"