Re: New Maintainers

To: debian-project@lists.debian.org
Subject: Re: New Maintainers
From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 22 Sep 2003 20:46:51 +0200
Message-id: <[🔎] 20030922184651.GA9872@deneb.enyo.de>
In-reply-to: <[🔎] 20030922062523.GB3078@azure.humbug.org.au>
References: <[🔎] 20030921145320.GA22495@deprecation.cyrius.com> <[🔎] 20030921171537.GJ1360@alcor.net> <[🔎] 20030922055606.GA12533@deneb.enyo.de> <[🔎] 20030922062523.GB3078@azure.humbug.org.au>

On Mon, Sep 22, 2003 at 04:25:23PM +1000, Anthony Towns wrote:

> http://people.debian.org/~ajt/apt-check-sigs
> 
> There's a patch to apt floating around that integrates this checking
> properly too.

I know that there several implementations of this concept (one is even
in the APT CVS, I think), but unless this is enabled by default (and can
be enabled retroactively for existing stable installations), our problem
isn't solved.

Keep in mind that many people assume that GNU/Linux distributions are
"secure by default", so it's quite improbable that they will install
random additional packages to resolve security issues they don't
understand. (And we can't force them because the externally visible
effect of signature checking is minimal.)

Reply to:

References:
- New Maintainers
  - From: Martin Michlmayr <tbm@cyrius.com>
- Re: New Maintainers
  - From: Matt Zimmerman <mdz@debian.org>
- Re: New Maintainers
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: New Maintainers
  - From: Anthony Towns <aj@azure.humbug.org.au>

Prev by Date: Re: Debain-Edu and Skolelinux
Next by Date: Secure APT (was: Re: New Maintainers)
Previous by thread: Re: New Maintainers
Next by thread: Re: New Maintainers
Index(es):
- Date
- Thread