Bug#762833: confirm this bug

2014-10-01 14:45 GMT+04:00 Julian Andres Klode <jak@jak-linux.org>:

On Wed, Oct 1, 2014 at 12:15 PM, Valery Mamonov <valerymamonov@gmail.com> wrote:
> Problem solved by making /etc/apt/trusted.gpg world readable, but it's
> insecure workaround.
>
> 2014-09-30 17:01 GMT+04:00 Valery Mamonov <valerymamonov@gmail.com>:
>>
>> https://lists.debian.org/debian-user/2014/09/msg02346.html
>>
>> --
>>
>> Best regards,
>>
>> Valery Mamonov.

No, It's not insecure. Not at all. It's not an issue if your users
know which keys APT accepts.

Oh, and it's the default setting.

PS. please do not top-post. Thank you.

--
Julian Andres Klode - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Sorry for top-posting, it's default setting in gmail web interface.

As for the keyring - it was not world readable until apt update (now i'm using apt 1.1~exp3 from experimental) and there were no gpg "no_pubkey" errors until apt experimental update.

Anyway, thanks.

--

Best regards,

Valery Mamonov.

Reply to:

References:

Bug#762833: confirm this bug
- From: Valery Mamonov <valerymamonov@gmail.com>
Bug#762833: confirm this bug
- From: Julian Andres Klode <jak@jak-linux.org>