Re: third-party packages adding apt sources

To: debian-project@lists.debian.org
Subject: Re: third-party packages adding apt sources
From: Russ Allbery <rra@debian.org>
Date: Thu, 19 May 2016 11:12:59 -0700
Message-id: <[🔎] 87zirlgbmc.fsf@hope.eyrie.org>
In-reply-to: <[🔎] 573DF495.5080002@pocock.pro> (Daniel Pocock's message of "Thu, 19 May 2016 19:15:01 +0200")
References: <[🔎] 573DD944.3010208@pocock.pro> <[🔎] 22333.61955.191976.152117@chiark.greenend.org.uk> <[🔎] 573DF495.5080002@pocock.pro>

Daniel Pocock <daniel@pocock.pro> writes:

> Another thing comes to mind: making sure that even if the user
> explicitly allows some other repository, they are protected from package
> updates that come along and replace other things like apt itself, libc,
> bash, gnupg, ...

While this would be nice to prevent accidents, it's not clear that you can
really establish any security guarantees.  You can protect against some
very obvious things, such as wholesale replacing core packages, but
postinst scripts still run as root and can do anything they want.  So you
don't get any real security benefit here that I can see.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- third-party packages adding apt sources
  - From: Daniel Pocock <daniel@pocock.pro>
- Re: third-party packages adding apt sources
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: third-party packages adding apt sources
  - From: Daniel Pocock <daniel@pocock.pro>

Prev by Date: Re: third-party packages adding apt sources
Next by Date: Re: third-party packages adding apt sources
Previous by thread: Re: third-party packages adding apt sources
Next by thread: Re: third-party packages adding apt sources
Index(es):
- Date
- Thread