Hey Joey On Sat, 2013-06-29 at 14:57 -0400, Joey Hess wrote: > I'm not talking about building debootstrap to bootstrap some other linux > distribution. I'm talking about the common practice of using it to > bootstrap debian from other linux distributions. Sure... I did the same... If you use debootstrap from another distro... you must build it there, right? And during such build ./configure could e.g. check for /etc/debian_version or perhaps /etc/os-release If it finds something it knows (e.g. Debian or Ubuntu)... it could hard code the expectancy of a keyring ... or not. Anyway... as said I think for most security, it would be best if per default it always expects a keyring, unless --no-check-gpg is given. Regardless of where it is build or what you try to bootstrap. Systems that depend on not checking for signatures will be quickly identified and can be simply made working again by adding --no-check-gpg... and that's actually a good way for people to see that they might have a security problem. At least it's better instead letting people accidentally shoot themselves into their feet. In that case it should however try to use default keyrings (if available) e.g. debian-archive-keyring for any Debian based suite. or emdebian-archive-keyring for emdebian, etc. The problem here is just, that the suite name might be ambiguous... :( Cheers, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature