[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] APT vs. injection attack?

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] APT vs. injection attack?
From: Benjamin A'Lee <bma@xxxxxxxxx>
Date: Sun, 27 Aug 2006 23:35:37 +0100
Mail-followup-to: list@xxxxxxxxxxxxx

On Sun, Aug 27, 2006 at 09:27:39PM +0100, Ben Goodger wrote:
> If one runs an APT proxy to serve a number of client computers, all of which
> are configured to do APT stuff automatically, then is an individual client
> susceptible to an injection attack from within, or does APT have a facility
> to get round this?
> My friend tells me that yum can get round it, but I don't fully understand
> how and want to do this on Ubuntu rather than Fedora.

Debian packages are signed; you should get a warning from
apt-get/aptitude if the signature is invalid.

        bma

Attachment: signature.asc
Description: Digital signature

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html

References:
- [LUG] APT vs. injection attack?
  - From: Ben Goodger

Prev by Date: Re: [LUG] 'Hello all' from a new member
Next by Date: Re: [LUG] 'Hello all' from a new member
Previous by thread: [LUG] APT vs. injection attack?
Next by thread: [LUG] X-Window
Index(es):
- Date
- Thread