Re: Limit what packages may be installed
On Thu, Jan 09, 2020 at 11:03:35AM +0100, Mikael Pahmp wrote:
> Hi,
>
> I'm trying to set up a "secure" upgrade mechanism for an embedded Linux
> product (based on Yocto) using apt. The customer should only be allowed to
> install/alter software by installing packages signed by us. My idea is that
> the user will not have root access but will be allowed to execute apt-get
> specifically using sudo from an "admin" user account (configured in
> /etc/sudoers). We will deliver the product with a pre-installed pgp key
> with which packages should be approved.
>
> Now, how can I guarantee that only packages signed by our key or
> originating from a source signed by us, can be installed? It seems
> signature checking can be circumvented simply by providing command line
> options to apt-get that e.g. alter which sources to use and disable
> signature checking for these sources.
I guess I'd use PackageKit and set appropriate PolicyKit policies to prevent
the user from adding other sources.
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
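
Added example, not part of the original message: a polkit rules file (polkit rules are JavaScript) sketching the kind of policy the reply suggests. The PackageKit action IDs are the ones PackageKit ships; the "admin" group name, the allow-list and the default-deny choice are assumptions made for this illustration.

```javascript
"use strict";
// Illustrative rule for /etc/polkit-1/rules.d/ (added example, not from the thread).

var PK = "org.freedesktop.packagekit.";

// Inside polkitd the `polkit` global exists. Outside it (e.g. when exercising
// the rule under Node) fall back to the same string values polkit.Result uses.
var Result = (typeof polkit !== "undefined")
    ? polkit.Result
    : { YES: "yes", NO: "no" };

// The only PackageKit operations the appliance operator may perform.
// All three act on already-configured sources and signature-checked packages.
var ALLOWED = [
    "system-sources-refresh", // refresh metadata of the pre-configured sources
    "package-install",        // install packages that passed signature checks
    "system-update"           // upgrade installed packages
];

function decide(action, subject) {
    // Not a PackageKit action: leave the decision to other rules.
    if (action.id.indexOf(PK) !== 0) {
        return null;
    }
    var name = action.id.slice(PK.length);

    // Assumption: operators are members of a group called "admin".
    if (ALLOWED.indexOf(name) !== -1 && subject.isInGroup("admin")) {
        return Result.YES;
    }

    // Default deny for everything else in the PackageKit namespace. This covers
    // system-sources-configure (adding or enabling sources),
    // package-install-untrusted (unsigned packages) and
    // system-trust-signing-key (importing additional keys).
    return Result.NO;
}

if (typeof polkit !== "undefined") {
    polkit.addRule(decide);
}
```

A rule like this only constrains requests that go through PackageKit; the sudo entry for apt-get described in the question would have to be removed, since it bypasses polkit entirely.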