Bug#775454: Allow user blocking of https fallback
On Fri, 2015-05-15 at 04:58 +0200, Cyril Brulebois wrote:
> Control: tag -1 pending
>
> jnqnfe <jnqnfe@gmail.com> (2015-01-15):
> > Package: debootstrap
> > Severity: important
> > Tags: security patch
> >
> > In the event of a GPG keyring not being found, debootstrap may fall back
> > to the alternative security of an https mirror.
> >
> > Users lacking the requisite GPG keyring file (or perhaps just making a
> > typo in their parameters) may not necessarily be satisfied with the
> > security of https. They might like a choice of simply receiving an error
> > instead, prompting them to investigate and resolve the missing keyring
> > issue, and should not be expected to have to take care to watch the log
> > output to check the file was found and if not then terminate the process
> > in such cases.
> >
> > The attached patch adds a simple new --no-https-fallback parameter to
> > provide users with control over the fallback behaviour.
> >
> > Note, this patch builds upon my patches for bugs #661501 and #775449; I
> > haven't checked whether conflicts occur if applying it without those
> > already in place, apologies for that, I have a lot of work to do.
>
> I've implemented a slightly modified version of your patch. Feel free to
> follow up in case I missed something:
> https://anonscm.debian.org/cgit/d-i/debootstrap.git/commit/?id=be99f7b
>
> Mraw,
> KiBi.
Looks good to me! :)