[Bug 556293] Re: apt/aptitude need to take global proxy settings into account
Steve Langasek
steve.langasek at canonical.com
Sat Mar 3 23:01:22 UTC 2012
If ubuntu-system-services is setting the proxy information in apt's
config already, I don't think there's actually anything more to be done
here. We should definitely *not* be whitelisting the http_proxy variable
for sudo, as this allows a user with restricted sudo access to mitm
attack http traffic to a program running as root. While this is
presumably not a security risk for the many users on this bug report who
administer their own machines, the sudo config we ship must remain
secure across all the various install scenarios we support.
Consequently, I agree with Martin that we should not be implementing
this by letting sudo pass http_proxy by default, and we appear to
already handle global proxy configuration via ubuntu-system-services.
** Changed in: apt (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/556293
Title:
apt/aptitude need to take global proxy settings into account
Status in “apt” package in Ubuntu:
Fix Released
Bug description:
Binary package hint: sudo
sudo version 1.7.2p1 in Ubuntu Lucid Beta 1 does not keep the
http_proxy variable any more. So "sudo aptitude update" doesn't work
in my work environment any more after update from Karmic.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/556293/+subscriptions
More information about the foundations-bugs
mailing list