[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

On Thu, 4 Dec 2003 11:47:50 -0500, Matt Zimmerman <mdz@debian.org> said: 

> What kind of real world attacks do signed debs prevent?  Not a
> compromised buildd, or a compromised maintainer's workstation.

	It would allow me to copy .debs around with other people, or
 use .debs not made available through the usual chain of security; as
 long as the author hapens to be in my web of trust.

When the going gets weird, the weird turn pro. Hunter S. Thompson
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: