
Re: Limit what packages may be installed



On 1/9/20, Mikael Pahmp wrote:
> Hi,
>
> I'm trying to set up a "secure" upgrade mechanism for an embedded Linux
> product (based on Yocto) using apt. The customer should only be allowed to
> install/alter software by installing packages signed by us. My idea is that
> the user will not have root access but will be allowed to execute apt-get
> specifically using sudo from an "admin" user account (configured in
> /etc/sudoers). We will deliver the product with a pre-installed pgp key
> with which packages should be approved.
>
> Now, how can I guarantee that only packages signed by our key or
> originating from a source signed by us, can be installed? It seems
> signature checking can be circumvented simply by providing command line
> options to apt-get that e.g. alter which sources to use and disable
> signature checking for these sources.

Build your own version of apt-get that doesn't have the options to
bypass signature checking?

> Do you think it is possible at all to get the "security" we want this way?

It's a bit difficult to keep a box secure when it's in someone else's
hands.  Why not just void the warranty if the product owner installs
non-approved software?

Regards,
Lee
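
The circumvention Mikael describes exists because the sudoers rule lets the
"admin" account pass arbitrary arguments to apt-get, and apt-get's own
command line (-o Dir::Etc::sourcelist=..., -o Acquire::AllowInsecureRepositories=true,
--allow-unauthenticated) can undo every setting in apt.conf. The usual fix
that does not involve rebuilding apt, shown here as an added example that is
not from this thread, from apt, or from the product in question, is to let
sudo grant exactly one wrapper script that fixes every apt option itself and
accepts nothing from the caller except a verb and plain package names. The
sudoers line, the wrapper's install path and the sources-list path are
assumptions for the example.

```shell
#!/bin/sh
# apt-wrapper: fixed-argument front end for apt-get, meant to be the ONLY
# command the "admin" account may run through sudo.
#
# Constructed example for this thread, not apt's or the poster's code.
# Assumed (hypothetical) sudoers entry:
#   admin ALL=(root) /usr/local/sbin/apt-wrapper
# The caller chooses a verb and plain package names; every apt option,
# including which sources are used and whether signatures are required,
# is fixed here, so none can be overridden from the command line.
set -eu

# Assumed path: shipped read-only, owned by root, not writable by "admin".
SOURCES_LIST=/etc/apt/sources.list.d/vendor.list

# Options always passed to apt-get whatever the caller asked for. The values
# contain no whitespace, so $FIXED_OPTS is deliberately expanded unquoted.
# sourceparts=- is the commonly used way to stop apt reading sources.list.d;
# pointing it at a nonexistent directory has the same effect.
FIXED_OPTS="-o Dir::Etc::sourcelist=$SOURCES_LIST \
-o Dir::Etc::sourceparts=- \
-o Acquire::AllowInsecureRepositories=false \
-o Acquire::AllowDowngradeToInsecureRepositories=false \
-o APT::Get::AllowUnauthenticated=false"

# A package argument must look like a Debian package name (lower-case
# letters, digits, + - ., at least two characters, starting alphanumeric),
# optionally followed by =version. Anything starting with '-' is rejected
# so it can never be parsed by apt-get as an option; '/' is rejected so the
# caller cannot select a suite with pkg/suite.
valid_pkg() {
    case $1 in -*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^[a-z0-9][a-z0-9+.-]+(=[A-Za-z0-9.+~:-]+)?$'
}

# validate_args VERB [PKG...]: 0 if the request is one of the allowed
# shapes, 1 otherwise. update/upgrade take no arguments; install/remove
# take one or more valid package names.
validate_args() {
    [ "$#" -ge 1 ] || return 1
    verb=$1
    shift
    case $verb in
        update|upgrade)
            [ "$#" -eq 0 ]
            ;;
        install|remove)
            [ "$#" -ge 1 ] || return 1
            for p in "$@"; do
                valid_pkg "$p" || return 1
            done
            ;;
        *)
            return 1
            ;;
    esac
}

main() {
    if ! validate_args "$@"; then
        echo "usage: ${0##*/} update | upgrade | install PKG[=VER]... | remove PKG..." >&2
        exit 2
    fi
    # "$@" is now a fixed verb plus validated package names. The "--" is
    # belt and braces: apt's option parser stops at it as well.
    exec /usr/bin/apt-get $FIXED_OPTS -- "$@"
}

# Run only when invoked under the installed name, so the functions above
# can also be sourced and exercised without touching apt.
case ${0##*/} in
    apt-wrapper|apt-wrapper.sh) main "$@" ;;
esac
```

Three things have to hold for the wrapper to mean anything: the sudoers
entry names only the wrapper (no bare apt-get, no shell, no editor), sudo
keeps its default env_reset so the caller cannot point apt at another
configuration through the APT_CONFIG environment variable, and the wrapper,
the vendor sources list and the keyrings under /etc/apt/trusted.gpg.d are
root-owned and not writable by the admin account. Even then it only closes
the apt-get command-line hole; it does not change Lee's point that whoever
holds the hardware can modify the root filesystem without going through
apt at all.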

