[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ubuntu 16.04 server --- Contacting host: when packag

From: Robert Pluim
Subject: Re: Ubuntu 16.04 server --- Contacting host: when package-refresh-contents
Date: Wed, 17 Jan 2018 15:41:16 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.91 (gnu/linux)

Dan Čermák <address@hidden> writes:

> The tile sounds a little click-baity, but it is actually a good tutorial
> how to secure the connection to (m)elpa.
> Afaik there has been no malware on melpa, but if you download your
> packages via http, someone could in theory tamper with your connection
> and inject malicious code.
> So, don't panic & use https ;-)

The upcoming Emacs 26 should be much better in this regards, as it
uses https by default for elpa downloads.  Some of the advice in that
blog entry is still useful though.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]