Bug#579028: pbuilder: installs untrusted packages without asking

[Ansgar Burchardt]

notfixed 579028 0.199
severity 579028 grave
thanks

A recent discussion reminded me of this bug and after some thinking I
decided to reopen it.  I do not believe a package in Debian should
disable secure apt by default, allowing a man-in-the-middle to take over
the system.

This is even more so for a package that is used by many people to
produce binaries for the archive and is likely to be run on systems
having sensitive data (such as pgp keys).

Regards,
Ansgar