On 25 Sep 2003, Jeff Licquia wrote: > Cookie support is turned on with Acquire::http::Use-Cookies (default > "true" in the patch; feel free to change this). Cookies are stored in > the file mentioned in Acquire::http::Cookie-File, which by default is > "/var/lib/apt/cookies.txt". It should be possible to set Cookie-File to > "/dev/null", which gives you the equivalent of transient cookies. The > cookies.txt file format is the same as that of most browsers. > > I know this patch may be a bit controversial, but it really helps > Progeny with some of the things we're doing. We don't mind maintaining > this as a separate effort, but we want to keep our difference from > mainline apt as small as possible. So, if you have objections to any of > the decisions I've made in writing this patch, please let me know so we > can work out solutions for them.
I haven't read this fully, but blindly accepting cookies(either new or modifications) is bad. Some kind of prompting is needed. Something like mozilla's rules would be useful.
