Bug#247824: /usr/bin/dpkg-buildpackage: please consider using dpkg-sig instead of debsign
Scott James Remnant <scott@netsplit.com> wrote:
> On Fri, 2004-05-07 at 13:18 +0200, Marc Haber wrote:
>> - it caches the passphrase, only requiring the maintainer to type
>> the passphrase once
> Scary ... what security considerations does it undertake for the region
> of memory in which it stores the passphrase?
None, and that's the reason this feature is turned off by default.
>> Please consider adding an option to dpkg-buildpackage that allows
>> usage of dpkg-sig instead of debsign.
> debsign is part of dpkg, implementing the standard signed changes+dsc
> behaviour.
dpkg-sign signs .changes and .dsc files as well.
Please also look at the logs for #247825 where i've answered more or
less the same questions more extensive.
Marc
--
Fachbegriffe der Informatik - Einfach erklärt
45: IRQ
Internet Relay Quak (Peter Berlich)
Reply to: