Virus and non-official .deb's

To: John Hasler <john@dhh.gt.org>
Cc: Debian-user <debian-user@lists.debian.org>
Subject: Virus and non-official .deb's
From: Roberto Diaz <rdiazmartin@vivaldi.ddts.net>
Date: Sat, 31 Mar 2001 20:44:11 +0200 (MEST)
Message-id: <[🔎] Pine.LNX.4.21.0103312038080.4553-100000@vivaldi.ddts.net>
In-reply-to: <[🔎] 87d7axiyvj.fsf@toncho.dhh.gt.org>

> Roberto writes:
> > What chances do we have to get a virus from a malicious .deb package
> > someone had leak into debian.org?
> 
> It would have to acquire the signature of a Debian developer to get into
> unstable, remain dormant for at least two weeks to get into testing, and
> lie dormant there until the next release in order to get into stable.

Yes but shouldt we wipe out from our sources.list non-official sites?

They could be dangerous... 

For example I have this: 

# Galeon web browser
deb ftp://galeon.sourceforge.net/pub/galeon/nightly/debian galeonpotato/

Of course I am **not** telling that people from galeon are going to send
us a virus.. in fact they are not this is just an example of .deb's I can
recieve from non-official sites.

But in a lot of places you can find things like:

"For debian potato add the following to your sources.list... etc.." 

Someone could leak a virus into your system this way...

Regards

Roberto

------------------------------------------------------------------------
Roberto Diaz <rdiazmartin@vivaldi.ddts.net>
http://vivaldi.ddts.net 
Powered by ddt dynamic DNS
Powered by GNU running on a Linux kernel.
Powered by Debian (The real wonder)

Concerto Grosso Op. 3/8 A minor
Antonio Vivaldi (so... do you need beautiful words?)
------------------------------------------------------------------------

Reply to:

References:
- Re: Linux Virus
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: Problem with mplayer
Next by Date: XFree86
Previous by thread: Re: Linux Virus
Next by thread: Re: Linux Virus
Index(es):
- Date
- Thread