Hi KP Am 16.12.2012 11:12, schrieb KP Kirchdoerfer: > Am 15.12.2012 23:14, schrieb Erich Titl: >> Hi KP >> >> Am 15.12.2012 19:54, schrieb KP Kirchdoerfer: >>> Hi; >>> >>> I did some work on Trac ticket 57 "add gpg signing of packages", and >>> like to discuss, what I've done so far. >> >> Will it still be possible to load unsigned packages? > > Yes. Currently verify is not integrated into the install or update commands. > The user *can* download a gpg signature file for a given lrp and verify > the package before he installs/updates it. It's recommended, but > everything else will work as before.
I have a few more doubts If the verify mechanism is built into config.lrp then it is easy to circumvent it, by just disabling it there. This is even easier than in in initrd. Unfortunately I believe if such a mechanism is easy to break it is of no great value. If we want this to succeed we need to build some kind of a chain of trust and enforce the use of signed packages. If someone wants tu build his own package he has to be a member of this chain of trust. The program to verify the signature _must_ be signed itself, not only the package. cheers Erich ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ leaf-devel mailing list leaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-devel
