make apt-get stop bothering me about signatures

Mark Haney mhaney at ercbroadband.org
Thu Sep 4 17:06:19 UTC 2008 

Johnny Rosenberg wrote:
> 2008/9/3 Mark Haney <mhaney at ercbroadband.org>
> 
>> Paul Johnson wrote:
>> re is a weakness in apt-get compared
>>> against yum in Fedora.  You seem to say it is necessary for me to
>>> accept all unsigned packages, rather than simply accepting unsigned
>>> packages from one particular trusted site.
>>
>> I'm not sure I understand this statement. You can set the same behaviour
>> in yum, so I don't think it's inherently safer than apt.  I thought
>> there was a way to edit the sources in Ubuntu to allow unsigned packages
>> from a particular repo similar to what yum does?
>>
>> Regardless, if you want unsigned packages, download them, MD5SUM them,
>> then install with dpkg.  That is a safer option in my mind than making
>> apt insecure.
>>
>>
>>  Excuse me for asking a stupid question, but how can it be dangerous? Will
> a knife come out of my screen and cut my throat off?
> But seriously, what's the worst thing that could happen?
> That everything is erased from my drives (I have a backup that on an USB
> drive that is always turned off, except when I am running my backup script)?
> Or that someone can read my files (like I cared… that person doesn't need
> much entertainment…)?
> Or maybe that my computer could send viruses to WIndows machines (again,
> like I cared…)?
> Or someone would get information about my father and go killing him (he died
> eight years ago anyway)?
> What is the threat, really? I guess I really missed something. Would be
> interesting to know what.
> 

Well, it's possible, with an insecure system for someone to dump child 
pr0n on your system and the call the cops?  How would you like that?

The point is, security should be a consideration for everyone.  Whether 
you have anything like credit card numbers or not on it is irrelevant. 
I am rather disturbed by your seeming lack of concern over it.  But then 
I'm uber-paranoid.

The point is, this kind of attitude is why so many systems have bots and 
trojans on them.  The more we take security seriously, the less this 
will happen.  And I personally would like to see fewer attacks against 
my servers from botnets.



-- 
Libenter homines id quod volunt credunt -- Caius Julius Caesar


Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415

Call (866) ERC-7110 for after hours support

More information about the ubuntu-users mailing list