[pmwiki-users] Infected Cookbook Recipes?
Hans
design5 at softflow.co.uk
Mon Sep 22 07:11:27 CDT 2008
Monday, September 22, 2008, 9:37:56 AM, Christophe David wrote:
> If a recipe developer is willing to do that little extra work, a GPG
> signature for the recipe would be all that is required. The
> developer's public key can be made available on any key server so that
> anyone could check the recipe has not be altered in any way.
> http://www.gnupg.org/
> http://getfiregpg.org/
sorry, I do not understand these tools.
Is a GPG signature added to the code in a script, or does the script
need to be packaged in some special container, which is signed?
If it is the first, how does it prevent anyone to copy and use in
their own modified script?
If it is the latter than it is a considerable extra burden for
publishing a recipe script. I really just want to upload updated
recipe scripts, without having to bother about packages.
I try even to avoid zipping things if possible.
~Hans
More information about the pmwiki-users
mailing list