Re: Secure apt-get

[andrew@pimlott.ne.mediaone.net (Andrew Pimlott)]

On Fri, Jan 19, 2001 at 10:04:41AM +0100, Goswin Brederlow wrote:
> The question is weather there is a chain of signatures from your key
> to any other maintainer. Provided you fully trust every maintainer to
> only sign keys after checking the id, that would give you enough prove
> that each maintainer is who he says.
>
> Still, maybe one of those maintainers is the man in the middle and
> wants to do something nasty. He can just stick in some code into his
> source that checks for your user, hostname, hardware or similar stuff
> and then delete your harddrive.

Nobody will do this without first compromising the keyring, because
it would be trivial to trace it back to his key and from there to
his physical identity.

> Given the amount of source in debian,
> this probably goes unnoticed pretty long.

I would much rather trust "all Debian maintainers" than "the
Internet".  I think most other users would agree.  And I believe
that Debian can maintain secure enough build servers for the
signature to mean something.

Andrew

-- 
Capitalism interprets regulation as damage, and routes around it.