reassign 553374 apt-setup retitle 553374 Should make proxy password only readable by root thanks Quoting Yohann Lepage (yohannlepage@2xyo.info): > 2009/10/31 Christian Perrier <bubulle@debian.org>: > > Why not in a file in /etc/apt/apt.conf.d which you could set to 0600? > Yes it's a good idea. But this is not the default behavior. APT has nothing to do with this, then. The proxy setting is put in apt.conf by D-I when it configures APT for the first time. So, what could be done is to put an apt.conf configuration snippet in /etc/apt/apt.conf.d, make it readable only by root....and do this *only* when proxy settings contain a user/password pair. I'm not completely sure this is such a great idea. What about possible use cases for APT when users are not root? I believe that: - the user/password used to access the proxy should not be a login that belongs to a real user (as it means using a named login for a role use) - all this should be left up to the local administrator. Reassigning anyway. If something is done, that will be in the apt-setup component of D-I.
Attachment:
signature.asc
Description: Digital signature