Bug#733179: debootstrap should abort if the keyring is missing, not just warn
Package: debootstrap
Version: 1.0.55
Tags: patch, security
The keyring might not be available on non-Debian distros, so that warning should be a spectacular fail instead of risking running arbitrary code. Might not be a very serious issue for Debian, but I tagged it as 'security' anyway. A patch is attached.
P.S.
c72e1705 (Joey Hess 2011-03-25 14:35:02 -0400 524) warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
I don't want to bash people for this, but I feel security isn't being taken seriously; see bug #722906, look how the package manager gladly goes about building unverified packages, and probably a bunch of other things I might not have noticed yet, which make me want to abandon Debian completely on machines I admin.
Apologies if that was too much acid,
Eduard
From 8b02a8dcdd315b85fbc8246ae0265faed1828ab8 Mon Sep 17 00:00:00 2001
From: Eduard - Gabriel Munteanu <edgmnt@gmail.com>
Date: Thu, 26 Dec 2013 20:39:36 +0200
Subject: [PATCH] Abort if keyring is missing, don't just warn.
Signed-off-by: Eduard - Gabriel Munteanu <edgmnt@gmail.com>
---
functions | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/functions b/functions
index a2e1431..69d8ea7 100644
--- a/functions
+++ b/functions
@@ -521,7 +521,7 @@ download_release_sig () {
"$relsigdest" "$reldest" || true) | read_gpg_status
progress 100 100 DOWNRELSIG "Downloading Release file signature"
elif [ -z "$DISABLE_KEYRING" ] && [ -n "$KEYRING_WANTED" ]; then
- warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
+ error 1 NOKEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
fi
}
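Review bot: the new hard stop `error 1 NOKEYRING ...` tells the user nothing about the supported way past it; since this branch is only reached when `DISABLE_KEYRING` is empty, consider extending the message so that someone bootstrapping from a host without the keyring learns that signature checking must be explicitly disabled (and what they give up by doing so) rather than discovering it from the source. `NOKEYRING` is also a new error identifier, so make sure it is added wherever debootstrap documents its error codes, and confirm that `error` takes the exit status as its first argument, as this call assumes.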
--
1.8.3.2