Bug#749795: apt: no authentication checks for source packages

To: 749795@bugs.debian.org
Subject: Bug#749795: apt: no authentication checks for source packages
From: Christoph Anton Mitterer <calestyo@gmail.com>
Date: Mon, 16 Jun 2014 14:58:28 +0200
Message-id: <[🔎] 1402923508.4787.3.camel@heisenberg.scientia.net>
Reply-to: Christoph Anton Mitterer <calestyo@gmail.com>, 749795@bugs.debian.org
In-reply-to: <[🔎] 20140616073506.GG9577@bod>
References: <20140529210434.GA3935@jwilk.net> <20140530132120.GA9713@bod> <[🔎] 20140616073506.GG9577@bod>

On Mon, 2014-06-16 at 09:35 +0200, Michael Vogt wrote: 
> I think for the future we actually should not allow a apt-get update
> of untrusted repos without --allow-unauthenticated  or
> [trusted=no]. But this will probably break some setups so we need to
> be careful and not rush it.

And what about the setups, which assume secure data to be retrieved (as
far as I can see the whole build stack of Debian), which is already
broken now?

Security is much more critical here then things continuing to work... if
someone's setup really depend on not verifying integrity... he will
immediately notice (and can add the flag),... but no one notices if his
security is compromised by MitMs... :-(

So I see not much of a reason to not implement that right away.

Cheers,
Chris.

Reply to:

Follow-Ups:
- Bug#749795: apt: no authentication checks for source packages
  - From: Michael Vogt <mvo@debian.org>

References:
- Bug#749795: apt: no authentication checks for source packages
  - From: Michael Vogt <mvo@debian.org>

Prev by Date: Bug#749795: holes in secure apt
Next by Date: Bug#751770: python-apt: source file (dsc) handling fails to parse binary packages including newlines
Previous by thread: Bug#749795: apt: no authentication checks for source packages
Next by thread: Bug#749795: apt: no authentication checks for source packages
Index(es):
- Date
- Thread