Bug#515938: debootstrap: check release files by default, perhaps suggest/recommend
Package: debootstrap
Version: 1.0.10lenny1
Severity: wishlist
Hi.
Although I've chosen wishlist as priority I'd consider this very important:
debootstrap should check Release files by default, and only allow
unsigned Release files, if a special parameter is given.
In that case it would be nice, to recommend or suggest debian-archive-keyring.
To retain compatibility one could depend on debian-archive-keyring,
and use that keyring per default when no other is given.
Of course it would be nice if all types of Release file hashes (not
just MD5) are supported (and used)
Thanks,
Chris.
-- System Information:
Debian Release: 5.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-heisenberg (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages debootstrap depends on:
ii binutils 2.19.1-1 The GNU assembler, linker
and bina
ii wget 1.11.4-2 retrieves files from the web
debootstrap recommends no packages.
debootstrap suggests no packages.
-- no debconf information
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Reply to: