diff options
author | Dan McGee <dan@archlinux.org> | 2009-08-24 13:23:44 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-03-23 00:26:54 -0500 |
commit | a4120f2015ae4d5880642e16c81acadbab77555d (patch) | |
tree | 0fd937049a90694f082738af3b1ef297c76bc742 /HACKING | |
parent | 8fde399fe62c3a08310e1830bb15b6e93ed360f9 (diff) | |
download | pacman-a4120f2015ae4d5880642e16c81acadbab77555d.tar.xz |
repo-add: allow signing of the package database
In order to be fully secure, we can't only sign packages. We also need
to sign our repository metadata to prevent database falsification,
dependency injection, etc. Add an '-s/--sign' option that allows this
functionality, and will generate a .sig file side-by-side with the
package database.
While at it, fix the issue where a signature file would never be found
because of 'cd' madness (this needs fixing in another commit).
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'HACKING')
0 files changed, 0 insertions, 0 deletions