Source: cowdancer Version: 0.89 Severity: wishlist Tags: security
Hey. I was looking a bit through the code of cowbuilder and qemubuilder. E.g. for qemubuilder, the manpage already says: "The possible configuration options are as follows. Others are ignored." Altough, it seemed in the code it would in fact respect ALLOWUNTRUSTED. However, it doesn't seem to respect DEBOOTSTRAPOPTS? Taking just these instead: debootstrap_command_line[1] = "--arch"; debootstrap_command_line[2] = pc->arch; debootstrap_command_line[3] = "--foreign"; DEBOOTSTRAP_ADD_PARAM(pc->distribution); DEBOOTSTRAP_ADD_PARAM(pc->buildplace); DEBOOTSTRAP_ADD_PARAM(pc->mirror); DEBOOTSTRAP_ADD_PARAM(NULL); Especially if one has set something like: DEBOOTSTRAPOPTS=('--force-check-gpg' '--keyring=/usr/share/keyrings/debian-archive-keyring.gpg' '--variant=buildd') to make sure that gpg signatures with the keyring are really always used (as far as I understand, debootstrap allows fallback to just https otherwise). Does it consider APTKEYRINGS? Or at least just copy the host systems APT keyrings safely into the VM and use only these? I haven't checked so much, whether it's already done properly for cowbuilder. Thanks, Philippe