On Sun, Jan 25, 2004 at 04:12:59PM +0100, Erik Hjelmås wrote: > Hi, > > I've spent a few hours searching, what Im looking for is a discussion > of different security aspects of apt, questions like > - What are the possible threats in terms of ip spoofing, dns cache > poisoning? (are there any solutions in terms of PKI (PGP) or similar > discussed somewhere?)
that issue is the same as for every web-based download. apt-get relys on your sources.list which according to man sources.list currently knows entries for http, ftp, cd-rom and file. So apart from cd-rom, you ask for the security of http, ftp and i.e. nfs or any other remote-mountable filesystem. Horst. -- Join the army, see the world, meet interesting, exciting people, and kill them.
