Enrico Zini <[EMAIL PROTECTED]> writes: > I noticed that when I use sbuild+schroot to build my own packages, apt > signature checking is turned off. I tried to turn it on, but it > requires patching /usr/share/perl5/Sbuild/Chroot.pm, as (unless I > misread the code) disabling signature checking is currently hardcoded in > sbuild:
This is correct. This was done when signature checking was new, but this is probably no longer appropriate. There was also originally some concern that having signature-checking tools inside a "minimal" chroot was not appropriate; I'm not sure if this is still seen as a concern. > I don't want to upload packages built with untrusted build-deps, so at > them moment I'm not using sbuild (I might make myself a patched version > now that I dug out the code). > I'd say however that once the feature is implemented it should be > enabled by default: it's supposed to be getting quite easy to attack > random DDs' DNSes and hijack their debian mirrors. Agreed. I'll be happy to remove the hard-coding and make it configurable. I'm quite short of time ATM, so a patch would make it much quicker. The sbuild-createchroot script should ideally also set up the chroot with the correct signatures in order to validate the mirror. I'm not too familiar with this part, so if it's possible to automate apt-key usage as part of the debootstrap part, that would be great. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
pgpYbu3iW4gby.pgp
Description: PGP signature

