Re: Apt-get is insecure

To: debian-security@lists.debian.org
Subject: Re: Apt-get is insecure
From: Wichert Akkerman <wichert@wiggy.net>
Date: Mon, 17 Dec 2001 16:33:46 +0100
Message-id: <[🔎] 20011217153346.GC30300@wiggy.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 01121716174302.00516@femme>
References: <[🔎] 20011213172418.A25716@karjala.org> <[🔎] E16EYS9-0002IA-00@mkiglo6> <[🔎] 20011213162014.GA14968@wiggy.net> <[🔎] 01121716174302.00516@femme>

Previously Hendrik Naumann wrote:
> All or just those that are not signed correctly?

All, since none are signed currently. If we only use signatures
from developers the debsig policy would also be huge since you
would need to list 500+ keys in it and update it regularly.

> Is there the possibility to just get an warning?

No(t yet).

Wichert.

-- 
  _________________________________________________________________
 /wichert@wiggy.net         This space intentionally left occupied \
| wichert@deephackmode.org            http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Reply to:

References:
- Apt-get is insecure
  - From: Alexander Karelas <karjala_lists@yahoo.co.uk>
- Re: Apt-get is insecure
  - From: Emiel Metselaar <e.d.metselaar@phys.rug.nl>
- Re: Apt-get is insecure
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: Apt-get is insecure
  - From: Hendrik Naumann <hn75@gmx.de>

Prev by Date: Re: Apt-get is insecure
Next by Date: Problem with IPTables
Previous by thread: Re: Apt-get is insecure
Next by thread: Re: Apt-get is insecure
Index(es):
- Date
- Thread