Bug#341976: patch for apt-key adding interactive mode and keyserver support
Dies schrieb Julian Andres Klode (jak@debian.org):
> > apt-key --interactive fetch <keyid>
> >
> > will download the specified key from a keyserver, presenting its data
> > to the user and awaiting confirmation before adding the key.
> >
> > Without --interactive/-i, the fetch command will be denied due to security
> > considerations.
> I don't see a reason to do this. This is a command-line tool which only
> works as root and limiting the root user is non-sense. He could just
> point gpg to APT's keyring and add the key without apt-key, thus there
> is no security benefit in requiring interactiveness.
I added this requirement to keep people from blindly retrieving keys from
a keyserver without verifying them or thinking about the trust they put into
the people behind the keys.
(see also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341976#17)
However, I think either removing the --interactive requirement or
adding a --force/--noverify option to override it could be worthy of discussion.
Reply to: