[Bug 939322] Re: apt-get source ignores missing key

David Kalnischkies 939322 at bugs.launchpad.net
Tue Mar 6 09:12:27 UTC 2012


As you have figured out, the message comes from dpkg while unpacking.
dpkg uses its own keyrings for it, and adding something like
'--require-valid-signature' will make it hard for users to work with
third-party archives, as a key for the maintainer is usually not
installed (and is in general a different one to the keys apt uses. APT
has keys to verify the complete archive; the source packages are signed
with the key of the maintainer).

But we don't need this: the downloaded files are, as usual, checked by
apt with the checksums provided in the Sources index. So we already know
through our usual trust path that the files are okay. So what we could
actually do is disable this check by dpkg, but additional checks aren't
bad in case the needed keyrings are installed (no, we can't know that
beforehand, so we can't disable it 'on-demand').

I am therefore setting it to 'invalid' as there is no security problem
involved and I don't see a good way to disable this message from dpkg.

** Changed in: apt (Ubuntu)
       Status: Triaged => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/939322

Title:
  apt-get source ignores missing key

Status in “apt” package in Ubuntu:
  Invalid

Bug description:
  Running "apt-get source wireshark" produced the message "Can't check
  signature: public key not found", but after this message it proceeded
  with unpacking the source, which it had not verified the integrity of.

  Continuing by default when a signature cannot be verified is a
  security risk. (If the package had had just a few more patches, the
  message would have scrolled out of the window before I would have seen
  it).

  Extracting an unverified package should require explicit user
  confirmation, either by requesting that the user answer y or n while
  the command is running, or by aborting with an error telling the user
  a flag that can be used to proceed regardless of unverified signatures.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: apt 0.7.25.3ubuntu9.10
  ProcVersionSignature: Ubuntu 2.6.32-37.81-generic 2.6.32.49+drm33.21
  Uname: Linux 2.6.32-37-generic i686
  Architecture: i386
  Date: Thu Feb 23 09:24:04 2012
  EcryptfsInUse: Yes
  InstallationMedia: Ubuntu 10.04.3 LTS "Lucid Lynx" - Release i386 (20110720.1)
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_DK.utf8
   SHELL=/bin/bash
  SourcePackage: apt

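The trust path the reply describes, as an added illustration (not apt's or dpkg's own code): the files fetched by 'apt-get source' are compared against the Checksums-Sha256 field of the Sources index, independently of the maintainer-key check dpkg-source performs. The Sources stanza, file contents and function names below are constructed for the example.

```shell
#!/bin/sh
# Miniature version of the check apt applies to 'apt-get source' downloads:
# compare each fetched file with the SHA-256 recorded in the Sources index.
# The stanza and files used here are constructed samples, not real archive data.
set -u

# Print the SHA-256 that the Sources stanza in SOURCES records for FILE
# (first match wins). Empty output means the file is not listed at all.
expected_sha256() {
    sources="$1"; file="$2"
    awk -v want="$file" '
        /^Checksums-Sha256:/ { inblk = 1; next }
        /^[^ ]/             { inblk = 0 }
        inblk && $3 == want { print $1; exit }
    ' "$sources"
}

# Return 0 if FILE matches the hash recorded in SOURCES, 1 otherwise.
# An unlisted file is a failure too: no entry means no trust path.
verify_against_sources() {
    sources="$1"; file="$2"
    want=$(expected_sha256 "$sources" "$(basename "$file")")
    [ -n "$want" ] || return 1
    have=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$have" = "$want" ]
}

# Constructed sample: a tiny stand-in tarball plus the stanza describing it.
# Returns 0 when the intact file verifies and the modified copy is rejected.
demo() {
    d=$(mktemp -d) || return 2
    f="$d/example_1.0.orig.tar.gz"
    printf 'constructed upstream source\n' > "$f"
    h=$(sha256sum "$f" | awk '{ print $1 }')
    s=$(wc -c < "$f" | tr -d ' ')
    cat > "$d/Sources" <<EOF
Package: example
Version: 1.0-1
Checksums-Sha256:
 $h $s example_1.0.orig.tar.gz
EOF
    verify_against_sources "$d/Sources" "$f"; ok=$?
    printf 'tampered\n' >> "$f"          # simulate modification in transit
    verify_against_sources "$d/Sources" "$f"; bad=$?
    rm -rf "$d"
    [ "$ok" -eq 0 ] && [ "$bad" -ne 0 ]
}
```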