[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

dselect / apt-get and packages


I just have a silly question: During a discussion in a newsgroup about the
Mac OS X Software Update vulnerabity
(http://www.cunap.com/~hardingr/projects/osx/exploit.html) someone said,
that this could happen with debian, too. I argued, that this is not possible
as debian uses pgp / gpg signatures to check the integrity of the packages.

My question now is the following:

I'm working with dselect to do an update. Then I install all the new
packages. Are the package's signatures checked automatically AND would the
system complain if a signature wouldn't be valid or missing?



PGP / GPG Key:    http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: