Re: Revival of the signed debs discussion
Andreas Barth <firstname.lastname@example.org> writes:
> * Henning Makholm (email@example.com) [031206 13:25]:
> > Scripsit Goswin von Brederlow <firstname.lastname@example.org>
> > > If a package is compromised we can prove that the DD of the package
> > > either is malicious or incompetent.
> > Say, we just had a major compromise on certain Debian machines. Pray
> > tell, who do you think this proves is malicious or incompetent? We'd
> > certainly want to toss out the culprit ASAP.

If a mail goes around saying the key of xyz got compromised I would
block any package with that key from getting installed (given signed
debs), in a heartbeat.
How or what is to blame can be sorted out later.

> IMHO there can also be a third explanation: "Bad luck". But this also
> nullifies the trust in any keys on any compromised machine - and the
> administrators did replace the keys.

And currently it's very hard to remove packages built by a compromised
maintainer from a local system or even check if one has any.