X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/5555ef9850b7e66aa02d39bb7d624fdf3e43edb2..21248c0f00ee71412dbadc6ebf84011cf974346d:/apt-pkg/init.cc

diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
index 81b601a7f..f756eab26 100644
--- a/apt-pkg/init.cc
+++ b/apt-pkg/init.cc
@@ -15,9 +15,11 @@
 #include <apt-pkg/error.h>
 #include <apt-pkg/pkgsystem.h>
 #include <apt-pkg/configuration.h>
+#include <apt-pkg/macros.h>
 
+#include <string.h>
+#include <string>
 #include <cstdlib>
-#include <sys/stat.h>
 
 #include <apti18n.h>
 									/*}}}*/
@@ -84,15 +86,26 @@ bool pkgInitConfig(Configuration &Cnf)
    Cnf.Set("Dir::Ignore-Files-Silently::", "\\.dpkg-[a-z]+$");
    Cnf.Set("Dir::Ignore-Files-Silently::", "\\.save$");
    Cnf.Set("Dir::Ignore-Files-Silently::", "\\.orig$");
+   Cnf.Set("Dir::Ignore-Files-Silently::", "\\.distUpgrade$");
+
+   // Repository security
+   // FIXME: this is set to "true" for backward compatibility, once
+   //        jessie is out we want to change this to "false" to
+   //        improve security
+   Cnf.CndSet("Acquire::AllowInsecureRepositories", true);
+   Cnf.CndSet("Acquire::AllowDowngradeToInsecureRepositories", false);
 
    // Default cdrom mount point
    Cnf.CndSet("Acquire::cdrom::mount", "/media/cdrom/");
 
+   // The default user we drop to in the methods
+   Cnf.CndSet("APT::Sandbox::User", "_apt");
+
    bool Res = true;
    
    // Read an alternate config file
    const char *Cfg = getenv("APT_CONFIG");
-   if (Cfg != 0)
+   if (Cfg != 0 && strlen(Cfg) != 0)
    {
       if (RealFileExists(Cfg) == true)
 	 Res &= ReadConfigFile(Cnf,Cfg);