Re: Automatic Debian security updates, an Implementation

["R. Bradley Tilley" <rtilley@vt.edu>]

Why can't apt-get be modified to check the md5sum of a package against an 
official debian md5sum list before downloading and installing debs? This 
seems much simpler and easier than signing debs.

On Friday 18 October 2002 09:55 am, Jan Niehusmann wrote:
> On Fri, Oct 18, 2002 at 08:20:14AM -0500, Joseph Pingenot wrote:
> > If people are interested enough in it, I might throw together something
> >   more formal.
>
> IMHO there is no lack of interesting ideas - what we really need are
> implementations.
>
> apt-check-sigs is a nice proof-of-concept, and the debsigs stuff could
> also improve security significantly. Together, I'd say they'd suffice to
> make the debian mirrors extremely tamper-proof.
>
> But apt-check-sigs is lacking nice integration into existing tools, and
> debsigs doesn't really work, because packages are not signed, which is
> IMHO caused by inappropriate helper tools at packaging time.
>
> So implementing these tools, and then changing policy to make package
> signatures mandatory, seems to be the most feasible approach.
>
> Writing new proposals for advanced security schemes doesn't help and may
> even delay implementation of working mechanismns.
>
> Jan