[Bug 939322] Re: apt-get source ignores missing key
David Kalnischkies
939322 at bugs.launchpad.net
Tue Mar 6 09:12:27 UTC 2012
As you have figured out, the message comes from dpkg while unpacking.
dpkg uses its own keyrings for it, and adding something like
'--require-valid-signature' will make it hard for users to work with
third-party archives, as a key for the maintainer is usually not
installed (and is in general a different one from the keys apt uses:
APT has keys to verify the complete archive, while the source packages
are signed with the key of the maintainer).

But we don't need this: the downloaded files are, as usual, checked by
apt with the checksums provided in the Sources index. So we already know
through our usual trust path that the files are okay. So what we could
actually do is disable this check by dpkg, but additional checks aren't
bad in case the needed keyrings are installed (no, we can't know that
beforehand, so we can't disable it 'on-demand').

I am therefore setting it to 'invalid' as there is no security problem
involved and I don't see a good way to disable this message from dpkg.
** Changed in: apt (Ubuntu)
Status: Triaged => Invalid
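The trust path the reply describes is the Sources index (itself covered by the archive-signed Release file) listing a size and hash for every file of a source package, which apt compares against what it downloaded before dpkg-source ever sees the files. The following is an added illustration of that check, not apt's own code: it parses the Checksums-Sha256 field of a constructed Sources stanza (the package name and file names resemble a wireshark entry but the contents, sizes and hashes are made up; the digests are the standard SHA-256 test vectors for the three-byte string "abc" and for the empty string) and classifies a set of downloaded files. A file whose hash or size disagrees with the index, or a file the index does not list at all, is reported rather than handed on for unpacking; that is why the later "Can't check signature" message from dpkg-source does not mean the files went unverified.

```python
import hashlib
from typing import Dict, Tuple

# Constructed Sources stanza in the Debian index format. The digests are
# the real SHA-256/MD5 values of b"abc" and b"" (well-known test vectors);
# nothing here comes from a real wireshark upload.
SOURCES_STANZA = """\
Package: wireshark
Binary: wireshark, tshark
Version: 1.2.7-1
Maintainer: Example Maintainer <maintainer@example.invalid>
Architecture: any
Format: 1.0
Directory: pool/main/w/wireshark
Files:
 900150983cd24fb0d6963f7d28e17f72 3 wireshark_1.2.7-1.dsc
 d41d8cd98f00b204e9800998ecf8427e 0 wireshark_1.2.7.orig.tar.gz
Checksums-Sha256:
 ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad 3 wireshark_1.2.7-1.dsc
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 wireshark_1.2.7.orig.tar.gz
"""


def parse_sha256_index(stanza: str) -> Dict[str, Tuple[str, int]]:
    """Return {filename: (sha256_hex, size)} from one Sources stanza.

    Only the Checksums-Sha256 field is read; the MD5-based Files field is
    ignored, mirroring apt's preference for the strongest hash available.
    """
    index: Dict[str, Tuple[str, int]] = {}
    in_field = False
    for line in stanza.splitlines():
        if line.startswith((" ", "\t")):
            # Continuation line of the current multi-line field.
            if in_field and line.strip():
                digest, size, name = line.split()
                index[name] = (digest.lower(), int(size))
            continue
        # A non-indented line starts a new field; remember whether it is ours.
        in_field = line.split(":", 1)[0] == "Checksums-Sha256"
    return index


def verify_downloads(index: Dict[str, Tuple[str, int]],
                     downloaded: Dict[str, bytes]) -> Dict[str, str]:
    """Classify every file as 'ok', 'size-mismatch', 'hash-mismatch',
    'not-in-index' (downloaded but never promised by the index) or
    'missing' (promised by the index but not downloaded)."""
    results: Dict[str, str] = {}
    for name, data in downloaded.items():
        if name not in index:
            results[name] = "not-in-index"
            continue
        want_hash, want_size = index[name]
        if len(data) != want_size:
            results[name] = "size-mismatch"
        elif hashlib.sha256(data).hexdigest() != want_hash:
            results[name] = "hash-mismatch"
        else:
            results[name] = "ok"
    for name in index:
        if name not in downloaded:
            results[name] = "missing"
    return results


def all_verified(results: Dict[str, str]) -> bool:
    """True only when every file is present and matches the index."""
    return bool(results) and all(v == "ok" for v in results.values())


# Constructed download sets: the genuine files, a tampered .dsc, and an
# extra file that the signed index never mentioned.
GOOD = {"wireshark_1.2.7-1.dsc": b"abc", "wireshark_1.2.7.orig.tar.gz": b""}
TAMPERED = {"wireshark_1.2.7-1.dsc": b"abd", "wireshark_1.2.7.orig.tar.gz": b""}
EXTRA = dict(GOOD, **{"wireshark_1.2.7-1.debian.tar.gz": b"xyz"})

if __name__ == "__main__":
    idx = parse_sha256_index(SOURCES_STANZA)
    for label, files in (("good", GOOD), ("tampered", TAMPERED), ("extra", EXTRA)):
        res = verify_downloads(idx, files)
        print(f"{label}: verified={all_verified(res)} {res}")
```

Run stand-alone, the script shows the genuine set passing, the tampered .dsc flagged as a hash mismatch, and the unlisted debian.tar.gz flagged as not-in-index. The size check comes first because it is cheap and already rules out many substitutions; the "missing" case matters because an attacker who can drop a file from a download should not be able to make the remaining set look complete.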
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/939322
Title:
apt-get source ignores missing key
Status in “apt” package in Ubuntu:
Invalid
Bug description:
Running "apt-get source wireshark" produced the message "Can't check
signature: public key not found", but after this message it proceeded
with unpacking the source, whose integrity it had not verified.
Continuing by default when a signature cannot be verified is a
security risk. (If the package had had just a few more patches, the
message would have scrolled out of the window before I would have seen
it.)
Extracting an unverified package should require explicit user
confirmation, either by requesting that the user answer y or n while the
command is running, or by aborting with an error telling the user a
flag that can be used to proceed regardless of unverified signatures.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: apt 0.7.25.3ubuntu9.10
ProcVersionSignature: Ubuntu 2.6.32-37.81-generic 2.6.32.49+drm33.21
Uname: Linux 2.6.32-37-generic i686
Architecture: i386
Date: Thu Feb 23 09:24:04 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04.3 LTS "Lucid Lynx" - Release i386 (20110720.1)
ProcEnviron:
PATH=(custom, user)
LANG=en_DK.utf8
SHELL=/bin/bash
SourcePackage: apt