Source: cowdancer
Version: 0.89
Severity: wishlist
Tags: security
Hey.
I was looking a bit through the code of cowbuilder and qemubuilder.
E.g. for qemubuilder, the manpage already says:
"The possible configuration options are as follows. Others are ignored."
Altough, it seemed in the code it would in fact respect ALLOWUNTRUSTED.
However, it doesn't seem to respect DEBOOTSTRAPOPTS? Taking just these
instead:
debootstrap_command_line[1] = "--arch";
debootstrap_command_line[2] = pc->arch;
debootstrap_command_line[3] = "--foreign";
DEBOOTSTRAP_ADD_PARAM(pc->distribution);
DEBOOTSTRAP_ADD_PARAM(pc->buildplace);
DEBOOTSTRAP_ADD_PARAM(pc->mirror);
DEBOOTSTRAP_ADD_PARAM(NULL);
Especially if one has set something like:
DEBOOTSTRAPOPTS=('--force-check-gpg'
'--keyring=/usr/share/keyrings/debian-archive-keyring.gpg'
'--variant=buildd')
to make sure that gpg signatures with the keyring are really always
used (as far as I understand, debootstrap allows fallback to just
https otherwise).
Does it consider APTKEYRINGS? Or at least just copy the host systems
APT keyrings safely into the VM and use only these?
I haven't checked so much, whether it's already done properly for cowbuilder.
Thanks,
Philippe
