Re: AW: dselect / apt-get and packages
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi there
Thanks! So to bring my questions to an end: In dpkg 1.9.21 the signature
checking feature for the .debs is compiled into the code AND active as
soon as debsig-verify is installed. I read the mentioned thread too, but
it was not clear to me if this was only a feature, that's not activated
yet or anything. Furthermore, there are lots of different opinions
around concerning this security feature. Some say it is included, others
say not.
In this case we can say: When doing network installs via dselect or any
other apt-get frontend, the signatures of the .debs are checked during
installation time, IF debsig-verify is installed. This works at least
from dpkg 1.9.21 on.
Marcel
Am Mittwoch den, 10. Juli 2002, um 21:10, schrieb Rick Moen:
~ $ dpkg --help | grep verify
--no-debsig Do no try to verify package signatures
--
Cheers, There are only 10 types of people in this world --
Rick Moen those who understand binary arithmetic and those who
don't.
rick@linuxmafia.com
- -------------------
PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see http://www.gnupg.org
iD8DBQE9LIpA1EXMUTKVE5URAgv3AJ4kw6d8oCPON/gNLwbwgy4zECcxhQCePkKA
U8zOur9mVzJfdD8UtWeaIWc=
=QJPc
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: