Karl Goetz wrote: > On Tue, 08 Dec 2009 00:05:43 +0200 > Lars Nooden <[email protected]> wrote: ... >> First it gives the error, >> WARNING: The following packages cannot be authenticated! >> linux-image-2.6.31-libre1 >> Other packages authenticate fine. > > Are you able to install them by hand anyway?
Not yet. I ran into the authentication problem. As I get time, I'll try it again an also try debootstrap. >> Second it compounds that error by rolling ahead without stopping. It >> could be that this mistake has been fixed: >> https://bugs.launchpad.net/ubuntu/+source/apt/+bug/144781 > > I can't view this page. That page itself might not be useful. What it describes is a bug report for apt-get where packages that fail authentication are accepted for installation anyway when the --yes option is used. --yes on ubuntu's now fails if a package fails authentication, but the old behavior can be found using --allow-unauthenticated. Preseed and kickstart are at risk. The result is that, via man-in-the-middle, a fake package could be loaded with a payload in either the pre- or post-install script. Only one package is needed to root the system. /Lars _______________________________________________ gNewSense-dev mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/gnewsense-dev
