
Re: debsigs



On Wed, Mar 27, 2002 at 02:26:02PM +1100, Brian May wrote:
> On Tue, Mar 26, 2002 at 09:21:01PM -0500, Ben Collins wrote:
> > By the time your example gets to checking sigs, the depends have already
> > been figured and things have been downloaded by apt, and are trying to
> > be installed. It's too late at that point to reject a package you don't
> > want, given that it successfully meets the signature criteria. Apt-get
> > already has a mechanism to control what packages from which sources you
> > want to take into account.
> 
> I assume the Release file will be signed?
> 
> (i.e. the file that is used for checking in /etc/apt/preferences?)
> 
> If so, this may be another alternative.
> 
> If not, then any criteria you set in /etc/apt/preferences can
> be faked by changing the details in the downloaded Release file.

The Release files are already signed (Release.gpg, IIRC).

-- 
 .------==-=======--------=====------------=-=-----.
/       Ben Collins    --    Debian GNU/Linux       \
`               bcollins@debian.org                 '
 `---=========---====----------==-===-------=--=---'

