Ok, repos generate a code that the root user has to verify as good (it asks root if it is ok to use this code once per repo). This code is assigned to that repo and no other. All the rpms that are installed from that repo contain that code. This prevents someone from hacking up a Trojan version of a rpm. This security is built into the system. You building a local repo is a way to circumvent that system. It is done in this way to discourage doing this. The vast majority of computers out there have a net connection. It is more secure to limit the number of sources through repos, as a guess 80% of the programs used are available from a repo. In the event that they are not, it is usually a relatively easy matter to compile the app on the system locally. If you locally install a rpm and disable the code this leaves you wide open to Trojan rpms.
As an aside, this forum is for non-native English speakers as well as native speakers. As the forum requires that these speakers use English it also means that the rest of us do too. IE, please stop using leet.
Last edited by lazlow; 10-05-2007 at 01:32 PM.
|