Seth Arnold wrote:
> debsig-verify uses some library routines from dpkg; while I inspected
> these calls and didn't see a problem, I must point out that dpkg was
> only ever designed to handle packages that already passed the usual
> hash-and-signatures check provided by apt and may not be suitable for
> use on untrusted input. debsig-verify is taking a risk that the dpkg
> implementations of these functions will not become a danger in the future,
> even assuming they are fine today.

This seems like a slightly odd statement given that dpkg was designed
long before apt, never mind secure apt, even existed.  Also of course
dpkg is often used to handle untrusted input in other cases, such as
inspecting files with dpkg -I and dpkg -c, and click uses dpkg (albeit
sandboxed somewhat using LD_PRELOAD) to install packages.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1358272

Title:
  [MIR] debsig-verify
