
Bug#515938: marked as done (debootstrap: check release files by default, perhaps suggest/recommend)



Your message dated Fri, 15 May 2015 05:17:30 +0200
with message-id <20150515031730.GB15828@mraw.org>
and subject line Re: Bug#432309: should check Release signature by default?
has caused the Debian Bug report #432309,
regarding debootstrap: check release files by default, perhaps suggest/recommend
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
432309: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432309
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: debootstrap
Version: 1.0.10lenny1
Severity: wishlist

Hi.

Although I've chosen wishlist as priority, I'd consider this very important:

debootstrap should check Release files by default, and only allow unsigned Release files if a special parameter is given.
In that case it would be nice to recommend or suggest debian-archive-keyring.

To retain compatibility one could depend on debian-archive-keyring, and use that keyring per default when no other is given.

Of course it would be nice if all types of Release file hashes (not just MD5) are supported (and used).

Thanks,
Chris.

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-heisenberg (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages debootstrap depends on:
ii  binutils                      2.19.1-1   The GNU assembler, linker and bina
ii  wget                          1.11.4-2   retrieves files from the web

debootstrap recommends no packages.

debootstrap suggests no packages.

-- no debconf information


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.




--- End Message ---
--- Begin Message ---
Christoph Anton Mitterer <calestyo@scientia.net> (2013-06-30):
> Hey Joey
> 
> On Sat, 2013-06-29 at 14:57 -0400, Joey Hess wrote:
> > I'm not talking about building debootstrap to bootstrap some other linux
> > distribution. I'm talking about the common practice of using it to
> > bootstrap debian from other linux distributions.
> Sure... I did the same...
> 
> If you use debootstrap from another distro... you must build it there,
> right?
> 
> And during such build ./configure could e.g. check for
> /etc/debian_version or perhaps /etc/os-release
> If it finds something it knows (e.g. Debian or Ubuntu)... it could hard
> code the expectancy of a keyring ... or not.
> 
> 
> 
> Anyway... as said I think for most security, it would be best if per
> default it always expects a keyring, unless --no-check-gpg is given.
> Regardless of where it is built or what you try to bootstrap.
> 
> Systems that depend on not checking for signatures will be quickly
> identified and can be simply made working again by adding
> --no-check-gpg... and that's actually a good way for people to see that
> they might have a security problem. At least it's better than letting
> people accidentally shoot themselves in the foot.
> 
> In that case it should however try to use default keyrings (if
> available) e.g. debian-archive-keyring for any Debian based suite.
> or emdebian-archive-keyring for emdebian, etc.
> The problem here is just, that the suite name might be ambiguous... :(

No, we won't make requiring keyring checks the default; but you can now
request it, see #733179 (where you'll also find the reasons against a
change in the default behaviour).

Closing this bug report accordingly.

Mraw,
KiBi.



--- End Message ---
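As an added example (not code from debootstrap or from anyone in this thread), here is a small Python verifier for the point the bug report makes about Release file hashes: use the strongest digest the Release file lists rather than MD5 alone, and refuse MD5-only entries unless weak digests are explicitly allowed. The Release body and Packages index are constructed sample data, and checking the Release signature itself (gpgv against debian-archive-keyring, as discussed in the reply) is assumed to have happened before this step.

```python
import hashlib

# Release checksum sections, strongest first; MD5Sum parses but is refused unless allowed.
DIGESTS = [("SHA256", "sha256"), ("SHA1", "sha1"), ("MD5Sum", "md5")]

def parse_release(text):
    """Return {section: {path: (hexdigest, size)}} from a Release file body."""
    sections, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace():          # new field, e.g. "SHA256:"
            key = line.split(":", 1)[0]
            current = key if key in dict(DIGESTS) else None
            if current:
                sections[current] = {}
        elif current and line.strip():              # " <hex> <size> <path>"
            digest, size, path = line.split()
            sections[current][path] = (digest, int(size))
    return sections

def verify_index(release_text, path, data, allow_weak=False):
    """Check data for path with the strongest listed digest; return the section used."""
    sections = parse_release(release_text)
    for name, algo in DIGESTS:
        entry = sections.get(name, {}).get(path)
        if entry is None:
            continue
        if name == "MD5Sum" and not allow_weak:
            raise ValueError("only MD5 listed for %s; refusing weak digest" % path)
        expected, size = entry
        if len(data) != size or hashlib.new(algo, data).hexdigest() != expected:
            raise ValueError("%s mismatch for %s" % (name, path))
        return name
    raise ValueError("no checksum entry for %s" % path)

def rejects(*args, **kwargs):
    try:
        verify_index(*args, **kwargs)
    except ValueError:
        return True
    return False

# Constructed sample data (not from any real archive): a tiny Packages index
# and a builder for Release bodies that list it under the chosen sections.
PACKAGES = b"Package: hello\nVersion: 2.10-1\nArchitecture: amd64\n"
PATH = "main/binary-amd64/Packages"
def make_release(names):
    lines = ["Suite: unstable"]
    for name, algo in DIGESTS:
        if name in names:
            lines += [name + ":", " %s %d %s" % (hashlib.new(algo, PACKAGES).hexdigest(), len(PACKAGES), PATH)]
    return "\n".join(lines) + "\n"
```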
