Re: Apt-get is insecure
Previously Emiel Metselaar wrote:
> Could anyone point me to some documentation about how this fits within
> the 'usual' apt-get update apt-get install procedure.

The idea is:

* packages are signed using debsig and get one (or more) embedded
  signatures
* apt & friends don't look at the signature and will just see a normal
  package
* dpkg will call debsig-verify to verify the signature and validate the
  package

The last step is currently skipped since /etc/dpkg/dpkg.cfg includes
the no-debsig option by default, otherwise debsig-verify would happily
reject all current packages.

Details on how debsig-verify verifies the signature (there is a whole
bunch of criteria you can specify) should be in the debsigs or
debsig-verify package.

Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
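
Added example (not part of the original message, and not code from dpkg or debsig-verify): a shell check for the default described above, reporting whether an active no-debsig line in a dpkg config file means the debsig-verify step is skipped. The function name debsig_status and the two sample config files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit dpkg config files for the no-debsig option that
# makes dpkg skip the debsig-verify step described in the message.

# debsig_status FILE...
# Prints "skipped" if any FILE contains an active (uncommented)
# no-debsig line, otherwise "checked". Missing or unreadable files are
# ignored, so a typo in a path never reports "skipped" by accident.
debsig_status() {
    for cfg in "$@"; do
        [ -r "$cfg" ] || continue
        # dpkg.cfg holds one long option per line, written without the
        # leading dashes; lines starting with '#' are comments. The
        # pattern tolerates surrounding whitespace but not a '#'.
        if grep -Eq '^[[:space:]]*no-debsig[[:space:]]*$' "$cfg"; then
            echo skipped
            return 0
        fi
    done
    echo checked
}

# Constructed sample configs (hypothetical, not from a real system).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

# Default described in the message: no-debsig is active.
printf '%s\n' '# dpkg configuration' 'no-debsig' \
    'log /var/log/dpkg.log' > "$demo_dir/default.cfg"

# Option commented out: dpkg would hand packages to debsig-verify.
printf '%s\n' '# dpkg configuration' '#no-debsig' \
    'log /var/log/dpkg.log' > "$demo_dir/hardened.cfg"

for f in "$demo_dir/default.cfg" "$demo_dir/hardened.cfg"; do
    printf '%s: signature check %s\n' "${f##*/}" "$(debsig_status "$f")"
done
```

On a real system the file to pass is /etc/dpkg/dpkg.cfg; "checked" only says the option is not disabling verification, not that any installed package actually carries a signature.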