Re: Apt-get is insecure
On Thu, 2001-12-13 at 10:44, Wichert Akkerman wrote:
> Previously Blake Barnett wrote:
> > Conectiva currently has support for signed _repositories_, as well as
> > signed RPM packages. Check out their /etc/apt/sources.list for more
> > info on it.
>
> That's exactly what I just described.. the Conectiva apt also seems
> to be based on an ancient version, they are at 0.3.19cnc53 while
> apt is up to 0.5.4 now.
Ah.. the way you described it I thought apt would be checking signatures
on packages individually. Indeed that version looks quite strange...
>
> Wichert.
>
> --
> _________________________________________________________________
> /wichert@wiggy.net This space intentionally left occupied \
> | wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
> | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--
Blake Barnett (bdb) <blake.barnett@developonline.com>
Sr. Unix Administrator
DevelopOnline.com office: 480-377-6816
"Do, or do not. There is no try." --Yoda
Reply to: