Re: security of apt
On Sun, Jan 25, 2004 at 04:12:59PM +0100, Erik Hjelmås wrote:
> Hi,
>
> I've spent a few hours searching, what Im looking for is a discussion
> of different security aspects of apt, questions like
> - What are the possible threats in terms of ip spoofing, dns cache
> poisoning? (are there any solutions in terms of PKI (PGP) or similar
> discussed somewhere?)
that issue is the same as for every web-based download. apt-get relys
on your sources.list which according to man sources.list currently
knows entries for http, ftp, cd-rom and file.
So apart from cd-rom, you ask for the security of http, ftp and i.e. nfs
or any other remote-mountable filesystem.
Horst.
--
Join the army, see the world, meet interesting, exciting people, and kill them.
Reply to: