[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: leaks in our only-signed-software fortress

On Sat, Feb 18, 2012 at 04:31:19PM +0100, Ansgar Burchardt wrote:
> Jakub Wilk <jwilk@debian.org> writes:
> > * Ansgar Burchardt <ansgar@debian.org>, 2012-02-18, 14:14:
> >>>Could you point us to those which were ignored or denied?
> >>At least pbuilder still disables secure APT by default, see #579028.
> >
> > The bug is closed. Am I missing something?
> pbuilder was changed to pass the --keyring argument to debootstrap by
> default and there now is an option to enable secure apt, but it is still
> disabled by default.

This should be safe to enable now.  We had problems enabling it in
sbuild (in 2005)  when tools first started supporting it for backward-
compatibility reasons, but it's been the default for some time now
(since July 2008) since everything we would want to build on
supports it.


  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux    http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800

Reply to: