dselect / apt-get and packages
Hi
I just have a silly question: During a discussion in a newsgroup about the
Mac OS X Software Update vulnerabity
(http://www.cunap.com/~hardingr/projects/osx/exploit.html) someone said,
that this could happen with debian, too. I argued, that this is not possible
as debian uses pgp / gpg signatures to check the integrity of the packages.
My question now is the following:
I'm working with dselect to do an update. Then I install all the new
packages. Are the package's signatures checked automatically AND would the
system complain if a signature wouldn't be valid or missing?
Marcel
--------------------
PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: