On Sat, 2013-06-29 at 13:43 -0400, Joey Hess wrote:
> debootstrap is used on a wide variety of non-debian systems, which do
> not have it installed, and probably have no trust path to securely
> install the debian keyring.

I don't see why this should cause a problem... AFAIU, right now it must
have already hardcoded the default keyring for the distro it was built
for, right? i.e. on Debian /usr/share/keyrings/debian-archive-keyring.gpg

So if such a keyring was specified during build... it should strictly
require it, as I've mentioned before... (unless another --keyring or
--no-check-gpg is given)

If it's built for *buntu it should strictly ... the same, just perhaps with:
/usr/share/keyrings/marks-key.gpg or whatever they use.

And if it's built for no known distro... it could behave as you say:
not verifying any keys per default...
Still I wouldn't like that and would rather choose that such versions
need to explicitly specify either --keyring or --no-check-gpg.

At least that would be the secure solution... but at least Debian people
would be safe in any circumstance.

Cheers,
Chris.
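The keyring policy proposed in the message above (require the build-time default keyring, unless the caller passes --keyring or --no-check-gpg, and refuse to run with no keyring at all) written out as a small POSIX sh example. This is an added illustration, not debootstrap's own code; it assumes the build-time default is supplied in a BUILTIN_KEYRING variable (empty when built for no known distro) and only parses the two options under discussion. The verification step itself uses gpgv with --keyring, which is what debootstrap calls.

```shell
#!/bin/sh
# Added example of the keyring-selection policy discussed in the thread.
# Not debootstrap's own code. Assumed inputs:
#   BUILTIN_KEYRING  - keyring path compiled in for the distro this build targets,
#                      empty when built for no known distro (assumption)
#   --keyring=FILE   - caller-supplied keyring overrides the built-in one
#   --no-check-gpg   - caller explicitly opts out of verification

# Prints "verify <path>" or "skip" on stdout. Returns non-zero, with a message
# on stderr, when no usable keyring is available and the caller did not opt out,
# i.e. the "strictly require it" behaviour argued for above.
resolve_keyring() {
    rk_keyring=""
    rk_check=yes
    for rk_arg in "$@"; do
        case "$rk_arg" in
            --keyring=*)     rk_keyring="${rk_arg#--keyring=}" ;;
            --no-check-gpg)  rk_check=no ;;
        esac
    done

    if [ "$rk_check" = no ]; then
        echo skip
        return 0
    fi

    # Fall back to the build-time default only when the caller gave none.
    [ -n "$rk_keyring" ] || rk_keyring="$BUILTIN_KEYRING"

    if [ -z "$rk_keyring" ]; then
        echo "no default keyring for this build: pass --keyring=FILE or --no-check-gpg" >&2
        return 1
    fi
    if [ ! -r "$rk_keyring" ]; then
        # A Debian host is expected to have its archive keyring; a foreign host
        # that lacks it must say so explicitly rather than silently skip checks.
        echo "keyring $rk_keyring is missing or unreadable: pass --keyring=FILE or --no-check-gpg" >&2
        return 1
    fi

    echo "verify $rk_keyring"
}

# Verify a Release file against the chosen keyring with gpgv, as debootstrap does.
# Usage: verify_release KEYRING InRelease
#        verify_release KEYRING Release Release.gpg   (detached signature)
verify_release() {
    gpgv --keyring "$1" ${3:+"$3"} "$2"
}
```

To drive it from a wrapper: `mode=$(resolve_keyring "$@") || exit 1`, then run `verify_release` on the downloaded Release file only when `$mode` starts with `verify`. The two refusal paths (empty built-in default, built-in default missing on the host) are the cases the message says should fail rather than degrade to unverified downloads.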