On Wed, Oct 10, 2007 at 06:38:36PM -0400, Douglas A. Tutty wrote: > On Wed, Oct 10, 2007 at 03:31:16PM -0700, Raquel wrote: > > I'm wanting to install a package from outside Debian, Symfony. It's > > a PHP framework. However, I got scared because of all the warnings > > that aptitude showed me. Do I really need to be careful of > > installing something like this? > > Since you haven't told apt that you trust this source, then yes. You > always have to be careful installing something from an untrusted source. > I've never heard of Symfony but then I don't do PHP. > > Do you trust the souce for Symfony? Does its repository have an apt > keyring? If you trust it, install the keyring and then apt will trust > it. but be sure to verify the keys on that keyring. Raquel - aptitude showed you those warnings because it couldn't verify the signatures on the package you were trying to install, if there were any signatures at all. If you aren't equipped with the skills to verify to your own satisfaction the safety of a package, then you should stick with debian packages and not move outside that. A
Attachment:
signature.asc
Description: Digital signature