[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt 0.6 and how it does *not* solve the problem

martin f krafft <madduck@debian.org> writes:

> > The logical conclusion from your arguments is that we should
> > actually remove the ssh package from Debian!
> How so?

If we shouldn't sign and check signatures because there are still ways
of subverting one's ssh binary, then we shouldn't even distribute ssh
binaries.  Doesn't such distribution cause a false sense of security?

Reply to: