Re: Future security problem (was Re: be careful with Replaces, please)
On Sun, 30 Nov 1997, Brandon Mitchell wrote:
> I'd also be interested in some kind of verification, so I can accept all
> packages put together by some maintainer, and the maintainers on the
> debian keyring, but no one else.
I had exactly the same idea in the previous KDE/virtual package discussion
on debian-private.
I suggest that we add a new control field to our packages called "Origin:"
(or similar). This could either be set to "SPI" or "Debian", for example.
Then, all Debian packages should be signed with some PGP key (either only
one key for the whole system or by the maintainer's key).
dpkg could have its own keyring. Whenever dpkg installs a package, it
checks the key against its keyring. If the key is not found in the
keyring, dpkg stops installing (this can be overriden by some --force
option).
The default keyring would probably be the developers keyring. The sysadmin
could then add new keys of persons/organziations which he/she trusts to
that keyring.
In addition, the origin tag could be used for special dependencies. For
example, the Debian KDE packages can conflict with KDE's KDE packages
(which happen to have the same package names).
Comments?
Thanks,
Chris
-- Christian Schwarz
schwarz@monet.m.isar.de, schwarz@schwarz-online.com
schwarz@debian.org, schwarz@mathematik.tu-muenchen.de
PGP-fp: 8F 61 EB 6D CF 23 CA D7 34 05 14 5C C8 DC 22 BA
CS Software goes online! Visit our new home page at
http://www.schwarz-online.com
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: