]> git.saurik.com Git - apt.git/commit - doc/sources.list.5.xml
projects / apt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0741dae) | patch
implement Signed-By option for sources.list
authorDavid Kalnischkies <david@kalnischkies.de>
Wed, 24 Jun 2015 17:31:22 +0000 (19:31 +0200)
committerDavid Kalnischkies <david@kalnischkies.de>
Mon, 10 Aug 2015 15:25:26 +0000 (17:25 +0200)
commitb0d408547734100bf86781615f546487ecf390d9
tree8e88e2394ce15a4ac5a070b59a0cf4b74d748859tree | snapshot
parent0741daeb7ab870b4dd62a93fa12a1cf6330f9a72commit | diff
implement Signed-By option for sources.list

Limits which key(s) can be used to sign a repository. Not immensely useful
from a security perspective all by itself, but if the user has
additional measures in place to confine a repository (like pinning) an
attacker who gets the key for such a repository is limited to its
potential and can't use the key to sign its attacks for an other (maybe
less limited) repository… (yes, this is as weak as it sounds, but having
the capability might come in handy for implementing other stuff later).
15 files changed:
apt-pkg/acquire-item.cc diff | blob | blame | history
apt-pkg/acquire-item.h diff | blob | blame | history
apt-pkg/contrib/gpgv.cc diff | blob | blame | history
apt-pkg/contrib/gpgv.h diff | blob | blame | history
apt-pkg/deb/debmetaindex.cc diff | blob | blame | history
apt-pkg/deb/debmetaindex.h diff | blob | blame | history
apt-pkg/metaindex.cc diff | blob | blame | history
apt-pkg/metaindex.h diff | blob | blame | history
apt-pkg/sourcelist.cc diff | blob | blame | history
cmdline/apt-key.in diff | blob | blame | history
doc/sources.list.5.xml diff | blob | blame | history
methods/gpgv.cc diff | blob | blame | history
test/integration/framework diff | blob | blame | history
test/integration/test-apt-key diff | blob | blame | history
test/integration/test-releasefile-verification diff | blob | blame | history
APT (for Cydia)