make apt-get stop bothering me about signatures
Mark Haney
mhaney at ercbroadband.org
Thu Sep 4 17:06:19 UTC 2008
Johnny Rosenberg wrote:
> 2008/9/3 Mark Haney <mhaney at ercbroadband.org>
>
>> Paul Johnson wrote:
>> re is a weakness in apt-get compared
>>> against yum in Fedora. You seem to say it is necessary for me to
>>> accept all unsigned packages, rather than simply accepting unsigned
>>> packages from one particular trusted site.
>>
>> I'm not sure I understand this statement. You can set the same behaviour
>> in yum, so I don't think it's inherently safer than apt. I thought
>> there was a way to edit the sources in Ubuntu to allow unsigned packages
>> from a particular repo similar to what yum does?
>>
>> Regardless, if you want unsigned packages, download them, MD5SUM them,
>> then install with dpkg. That is a safer option in my mind than making
>> apt insecure.
>>
>>
>> Excuse me for asking a stupid question, but how can it be dangerous? Will
> a knife come out of my screen and cut my throat off?
> But seriously, what's the worst thing that could happen?
> That everything is erased from my drives (I have a backup that on an USB
> drive that is always turned off, except when I am running my backup script)?
> Or that someone can read my files (like I cared… that person doesn't need
> much entertainment…)?
> Or maybe that my computer could send viruses to WIndows machines (again,
> like I cared…)?
> Or someone would get information about my father and go killing him (he died
> eight years ago anyway)?
> What is the threat, really? I guess I really missed something. Would be
> interesting to know what.
>
Well, it's possible, with an insecure system for someone to dump child
pr0n on your system and the call the cops? How would you like that?
The point is, security should be a consideration for everyone. Whether
you have anything like credit card numbers or not on it is irrelevant.
I am rather disturbed by your seeming lack of concern over it. But then
I'm uber-paranoid.
The point is, this kind of attitude is why so many systems have bots and
trojans on them. The more we take security seriously, the less this
will happen. And I personally would like to see fewer attacks against
my servers from botnets.
--
Libenter homines id quod volunt credunt -- Caius Julius Caesar
Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415
Call (866) ERC-7110 for after hours support
More information about the ubuntu-users
mailing list