Bug#659419: pbuilder: security in pbuilder
Junichi Uekawa
dancer at netfort.gr.jp
Thu Mar 8 21:57:14 UTC 2012
I take this as a request to change the default behavior.
At Sat, 11 Feb 2012 00:27:54 +0100,
Christoph Anton Mitterer wrote:
>
> Package: pbuilder
> Version: 0.206
> Severity: important
>
>
> Hi.
>
> Marking this as important, as it might be security relevant:
>
>
> Installing potentially unverified packages is basically like posting your
> root password on the internet and removing the last character.
>
>
> Reading through pbuilderrc(5) I found these:
>
> 1) > PBUILDERSATISFYDEPENDSOPT=('--check-key')
> > Array of flags to give to pbuilder-satisfydepends. Specifying
> > --check-key here will try to verify key signatures.
> What does try mean here? Can't this be changed to just fail if verification
> doesn't work?
>
>
> 2) > APTGETOPT=('--force-yes')
> > Extra flags to give to apt-get. Default is --force-yes, which
> > will skip key verification of packages to be installed. Unset if
> > you want to enable key verification.
>
> If this disables key verification it should be disabled per default.
>
>
> Cheers,
> Chris.
>
> btw: Some time ago, I've already reported a bug about the insecure usage
> of debootstrap.
> You've then added the --keyring option as default.
> It seems that debootstrap changed to do this per default itself (have a look).
> So when you depend on the recent enough version, you could drop this again.
>
>
>
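A defender-side audit of the two pbuilderrc settings raised in this report, added here as an example and not part of the thread or of pbuilder itself; the function name `audit_pbuilderrc` and the two sample rc files are my own constructions.

```shell
#!/bin/sh
# Added example (not pbuilder's own code): audit a pbuilderrc for the two
# settings discussed in Bug#659419. Hypothetical helper, not a pbuilder tool.
#   - APTGETOPT containing --force-yes skips apt's package key verification
#   - PBUILDERSATISFYDEPENDSOPT without --check-key skips key verification
#     in pbuilder-satisfydepends
# Prints one line per finding; returns 0 when neither problem is present.
audit_pbuilderrc() {
    rc=$1
    status=0
    # Drop comments so a commented-out option does not count as enabled,
    # then take the last assignment of each variable (the effective one).
    clean=$(sed 's/#.*//' "$rc")
    aptopt=$(printf '%s\n' "$clean" | grep '^[[:space:]]*APTGETOPT=' | tail -n 1)
    satopt=$(printf '%s\n' "$clean" | grep '^[[:space:]]*PBUILDERSATISFYDEPENDSOPT=' | tail -n 1)
    case "$aptopt" in
        *--force-yes*)
            echo "$rc: APTGETOPT contains --force-yes (package signature checks disabled)"
            status=1 ;;
    esac
    case "$satopt" in
        *--check-key*) ;;
        *)
            echo "$rc: PBUILDERSATISFYDEPENDSOPT does not include --check-key"
            status=1 ;;
    esac
    return $status
}

# Constructed sample rc files: one with the --force-yes default quoted in the
# report and --check-key commented out, one hardened variant that leaves
# key verification enabled (APTGETOPT emptied, --check-key passed).
tmpdir=$(mktemp -d)
cat > "$tmpdir/insecure.rc" <<'EOF'
APTGETOPT=('--force-yes')
# PBUILDERSATISFYDEPENDSOPT=('--check-key')   # commented out: not in effect
EOF
cat > "$tmpdir/hardened.rc" <<'EOF'
APTGETOPT=()
PBUILDERSATISFYDEPENDSOPT=('--check-key')
EOF

for f in "$tmpdir/insecure.rc" "$tmpdir/hardened.rc"; do
    if audit_pbuilderrc "$f"; then
        echo "$f: key verification enabled"
    fi
done
```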