Reply to comment



You are correct when you say that there are potential problems with the depsolvers (yum and others) and I think my article ends to point out that we should not minimize those risks and developers definitely should look into them.

What I simply wanted to make clear is that we do more than just accept mirror-requests and that a mirror is not just offered whatever the accuracy of the mirror is. We do verify for forgery or malicious content.

But here also, yes, you have a good point about providing different content to different clients and unfortunately we trust other mechanisms (from the depsolver) to make sure that the user is not affected.


Please refrain from adding URLs to unrelated or commercial websites. This site is moderated and comments with inappropriate links are rejected. Thank you for your understanding.
The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options