Your message dated Fri, 15 May 2015 05:17:30 +0200
with message-id <20150515031730.gb15...@mraw.org>
and subject line Re: Bug#432309: should check Release signature by default?
has caused the Debian Bug report #432309,
regarding debootstrap: check release files by default, perhaps suggest/recommend
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
432309: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432309
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debootstrap
Version: 1.0.10lenny1
Severity: wishlist
Hi.
Although I've chosen wishlist as priority I'd consider this very important:
debootstrap should check Release files by default, and only allow
unsigned Release files, if a special parameter is given.
In that case it would be nice to recommend or suggest debian-archive-keyring.
To retain compatibility one could depend on debian-archive-keyring,
and use that keyring per default when no other is given.
Of course it would be nice if all types of Release file hashes (not
just MD5) are supported (and used).
Thanks,
Chris.
-- System Information:
Debian Release: 5.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-heisenberg (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages debootstrap depends on:
ii binutils 2.19.1-1 The GNU assembler, linker and bina
ii wget 1.11.4-2 retrieves files from the web
debootstrap recommends no packages.
debootstrap suggests no packages.
-- no debconf information
--- End Message ---
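As an added illustration of the request above that all Release hash types be used, not just MD5 (this is not debootstrap's code and not part of the original messages): a parser for the hash sections of a Release file that checks an index file against the strongest digest listed and refuses entries that carry only MD5. The sample Release body, the path, the helper names and the refusal policy are constructed assumptions; the digests are only trustworthy once the Release file's own signature has been verified against a keyring.

```python
import hashlib

# Release hash sections, strongest first, mapped to hashlib algorithm names.
SECTIONS = {"SHA512": "sha512", "SHA256": "sha256", "SHA1": "sha1", "MD5Sum": "md5"}
WEAK = {"MD5Sum"}  # policy assumed for this example: never accept MD5 alone

def parse_release(text):
    """Return {section: {path: (hexdigest, size)}} for the hash sections."""
    found, current = {}, None
    for line in text.splitlines():
        if line[:1] in (" ", "\t"):          # continuation line of a field
            parts = line.split()
            if current and len(parts) == 3:
                digest, size, path = parts
                found[current][path] = (digest.lower(), int(size))
        else:                                 # new "Field: value" line
            name = line.split(":", 1)[0]
            current = name if name in SECTIONS else None
            if current:
                found.setdefault(current, {})
    return found

def verify_index(found, path, data):
    """Check data against the strongest digest the Release lists for path."""
    for name, algo in SECTIONS.items():      # dicts keep insertion order
        entry = found.get(name, {}).get(path)
        if entry is None:
            continue
        if name in WEAK:
            raise ValueError(f"{path}: only {name} is listed, refusing")
        digest, size = entry
        return len(data) == size and hashlib.new(algo, data).hexdigest() == digest
    raise KeyError(f"{path}: not listed in Release")

# Constructed sample data (not taken from a real archive).
PATH = "main/binary-amd64/Packages"
PACKAGES = b"Package: hello\nVersion: 1.0\n"

def sample_release(*sections):
    """Build a constructed Release body listing PACKAGES under the given sections."""
    lines = ["Origin: Example", "Suite: stable"]
    for name in sections:
        digest = hashlib.new(SECTIONS[name], PACKAGES).hexdigest()
        lines += [f"{name}:", f" {digest} {len(PACKAGES)} {PATH}"]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    found = parse_release(sample_release("MD5Sum", "SHA256"))
    print(verify_index(found, PATH, PACKAGES), verify_index(found, PATH, PACKAGES + b"x"))
```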
--- Begin Message ---
Christoph Anton Mitterer <cales...@scientia.net> (2013-06-30):
> Hey Joey
>
> On Sat, 2013-06-29 at 14:57 -0400, Joey Hess wrote:
> > I'm not talking about building debootstrap to bootstrap some other linux
> > distribution. I'm talking about the common practice of using it to
> > bootstrap debian from other linux distributions.
> Sure... I did the same...
>
> If you use debootstrap from another distro... you must build it there,
> right?
>
> And during such build ./configure could e.g. check for
> /etc/debian_version or perhaps /etc/os-release
> If it finds something it knows (e.g. Debian or Ubuntu)... it could hard
> code the expectancy of a keyring ... or not.
>
>
>
> Anyway... as said I think for most security, it would be best if per
> default it always expects a keyring, unless --no-check-gpg is given.
> Regardless of where it is built or what you try to bootstrap.
>
> Systems that depend on not checking for signatures will be quickly
> identified and can be simply made working again by adding
> --no-check-gpg... and that's actually a good way for people to see that
> they might have a security problem. At least it's better than letting
> people accidentally shoot themselves in the foot.
>
> In that case it should however try to use default keyrings (if
> available) e.g. debian-archive-keyring for any Debian based suite.
> or emdebian-archive-keyring for emdebian, etc.
> The problem here is just, that the suite name might be ambiguous... :(
No, we won't make requiring keyring checks the default; but you can now
request it, see #733179 (where you'll also find the reasons against a
change in the default behaviour).
Closing this bug report accordingly.
Mraw,
KiBi.
--- End Message ---