[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#247824: /usr/bin/dpkg-buildpackage: please consider using dpkg-sig instead of debsign

Scott James Remnant <scott@netsplit.com> wrote:
> On Fri, 2004-05-07 at 13:18 +0200, Marc Haber wrote:
>>   - it caches the passphrase, only requiring the maintainer to type
>>     the passphrase once
> Scary ... what security considerations does it undertake for the region
> of memory in which it stores the passphrase?

None, and that's the reason this feature is turned off by default.

>> Please consider adding an option to dpkg-buildpackage that allows
>> usage of dpkg-sig instead of debsign.
> debsign is part of dpkg, implementing the standard signed changes+dsc
> behaviour.

dpkg-sign signs .changes and .dsc files as well.

Please also look at the logs for #247825 where i've answered more or
less the same questions more extensive.

Marc
-- 
Fachbegriffe der Informatik - Einfach erklärt
45: IRQ
       Internet Relay Quak (Peter Berlich)
Reply to: