touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #78898
[Bug 1456275] Re: Feature request for APT
While this sounds like a good idea at first and many users actually do
it this way (= unchecked import of keys), apt can't do it for security
reasons and adding it (anyway) as an option would just mean we encourage
this behavior further.
The signing keys of a repository ensure that the data apt downloads is
actually what is provided by the repository and not tampered with by an
attacker. That means through that the key needs to be acquired in a way
which is secure from tampering. Importing a key from a keyserver is NOT
SECURE. Not even if you use a TLS enabled protocol (which gpg doesn't by
default). You can make it "secure" if you can verify that the key you
got from the keyserver is what you expected to get. Signatures are a
good thing for this, but now you need to know that the signatures are
good… aka: You need a trust path from the key to you. APT can't create
nor validate such a trustpath. As much as we all love automation, adding
a key to apts trusted keyring is a very serious action which needs
careful attention and in the end manual work to establish a trust path.
If you don't do it, your system is not secure anymore as an attacker who
can trick you into trusting the wrong key can subsequently trick apt
into installing whatever he wants including keyloggers, bots and trojans
as root, with full disk, (local) network and internet access (aka: The
holy grail). This isn't too common yet in the internet at large as the
linux marketshare is low, but e.g. daily practice in the Tor network and
various leaked documents hint in which direction we are heading as
everything a governments can do, can also be done by (non-government)
criminals sooner or later.
** Changed in: apt (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1456275
Title:
Feature request for APT
Status in apt package in Ubuntu:
Invalid
Bug description:
I would like to ask for the feature that APT automatically imports the
needed keys for all repositories from the sources.list while executing
the "apt-get update" command. This would make the repositories
management much easier (mostly for not very advanced users)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1456275/+subscriptions
References