[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

On Mon, Dec 01, 2003 at 03:56:59PM +0000, Scott James Remnant wrote:
> Assuming that level of compromise, there's no recent to suspect that
> they couldn't have free reign adding anything to the archive they
> wanted.  Signed .debs gain you nothing here.

If every .deb must be signed by a developer, and we assume that no
developer leaves secret keys on public machines, then signed .debs does
save the day.

Even if the attacker could place a new keyring file in the archive,
people verifying signatures on signed .debs would not install it, since
it would not have the signature of a developer.

All other attacked debs would also fail to install, since they would not
have the signature of a developer.

Reply to: