In nasty world of Windows you can digitally sign installation package (exe) and during installation check if its authentic or not.
Any idea how to check same under FreeBSD(preferably in conjunction with pkg_add)?
Thanks
Asked
Active
Viewed 712 times
1 Answers
4
FreeBSD packages are not signed, depending on your environment ports or PBIs might be alternatives.
FreeBSD ports include an authentication chain: portsnap verifies signatures for its ports tree updates and all downloaded sources are checked by an SHA digest.
The PBI packet system includes some more features, including digital signatures.
Addendum: the new pkgng is in development and supports signed repositories.
mschuett
- 3,066
- 20
- 21