On Wed, Dec 31, 2003 at 02:12:22AM -0800, Ryan Murray wrote: > CheckAuth checks if APT::Get::Assume-Yes is true to bypass the check. > This is problematic for build daemons, where you don't want to allow > package statuses to be changed unless requested by the buildd (what > APT::Get::Assume-Yes only did before the secure patch), but you do > want to allow unauthenticated packages. A seperate config variable should > be used for this. APT::Get::AllowUnauthenticated or so?
By the way, I'm assuming this has to do with that bit which lets buildds grab packages from accepted/ or wherever, before they are installed in the archive proper. Is it infeasible to provide a signed Release file for that situation, and if so, is there anything I can do to alleviate that? It would of course be preferable to authenticate all packages where possible. -- - mdz
