Bug#318630: Design TRUSTED support
On Mi, 2010-06-02 at 11:26 +0200, Goswin von Brederlow wrote:
> Any objections to the proposed design for this feature?
>
> - deb [key=0x1AB52325534,0x3475BDF478] ...
> Only accept signatures by one of the listed fingerprints
Sounds good.
>
> - deb [keyring=foobar.gpg] ...
> Use foobar.gpg to verify the signatures and only foobar.gpg.
What kinds of file names are supported:
a) absolute paths
b) files relative to /usr/share/keyrings/
Do we want to do permission checks on those files (i.e. only accept
files not writeable by normal users)?
>
> deb [trust=always|never] ....
> Ignore the Release signature and just always or never trust the
> source. "always" would be for file:// or sources on the local
> network where you don't care if it is unsigned. "never" would be for
> repositories you want to always be asked before they are used and
> which should not replace packages from more trusted repositories.
Let's add trust=moo, which let's a cow ask you whether you trust this source...
BTW, Wasn't this all part of vendors.list sometime ago (I don't know
whether it was, it's not used anymore; and was not in use when I started
using Debian).
--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
Reply to: