Re: leaks in our only-signed-software fortress
On 18.02.2012 14:34, Neil Williams wrote:
>>- packages that eventually run some code which was downloaded
>>debootstrap used to be like that, pbuilder, and some others
>Only a bug if this happens by default.
>It is perfectly acceptable to support an option to disable SecureApt
>just as long as this is not the default. Tools in Debian need to work
>with systems outside Debian and those do not necessarily *need*
>SecureApt because the entire loop is internal or even local to the
Agreed... but it WAS the default till recently, e.g. in debootstrap
till 1.0.30, when my bug #560038 was fixed (thanks Joey :) ).
And of course anything that used debootstrap (e.g. pbuilder, piuparts
do so) was automatically insecure, too (till then).