On Fri, Oct 05, 2001 at 02:52:06PM -0500, Bryan Andersen wrote: > Does apt give a sane error message that would help track down the > problem, or does it generically complain it can't find the files? Err http://ftp.kernel.org woody/main Packages 301 Moved Permanently Failed to fetch http://ftp.kernel.org/debian/dists/woody/main/binary-powerpc/Packages 301 Moved Permanently thats it. > If it gave an error message with the reply from the server I'd say it does not. i had to use a web browser to find out what the redirect was to. > leave it alone. One NEEDS to get the urls updated in the > configuration file. What happens after a while when the original > server with the redirects goes away? Then the user has no idea > where the packages went. I don't think it should follow the > redirects. It should inform the user of the redirects and let the > user update the configuration file. If you want it to follow the > redirects it should notify the user and ask permission to do so. > It should not blindly follow them. agreed. > This issue also delves into security related issues quite quickly > as one could modify the config file on a server and have it > redirect to another server to distribute trojaned code. I don't > feel the following of redirects can be silent even if it on the > same server. well maybe, i tend to think if someone has the ability to add a redirect to the server they probably have sufficient privilege to start replacing packages with trojans anyway. the proper solution to this kind of security threat is gpg signed packages. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpNK64LAG6Am.pgp
Description: PGP signature