Attacks on Package Managers - ummm... (Planet CentOS)
Johnny Hughes looks at
the security of CentOS Mirrors. "
First, let me explain the CentOS mirror system. CentOS directly controls about 30 mirror servers from which we serve updates via yum and rsync to other public mirrors and to users directly. These mirrors are members of the CentOS.org domain and are totally controlled by the CentOS project. These mirrors can be totally trusted because only CentOS Project personel have login or update access to these machines."