Re: DNF5: Checking signatures of packages installed out of a repository?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Oct 31, 2023 at 04:23:41PM +0100, Petr Pisar wrote:

> The nonchecking behavior probably exists to make installing local packages
> easy. If DNF5 would insist on checking the signatures, Fedora users would have
> to pass --no-gpgchecks option to their "dnf5" commands to override the new
> default, or start signing their packages. As always security is not easy.
> 
> Because this an old behavior and some users probably depend on it, enabling
> the verification for all cases looks like an abrupt change.
> 
> I would would like to hear your opinion: Should DNF5 start verifying all
> packages? Should DNF5 keep ignoring signatures for out-of-repository packages?
> Or should rather narrow the verification skip to packages from a local file
> system? Any other options?

dnf should verify all packages unless the user turns this off.

I may have known checks were skipped for local files at one point, but
reading this today I was surprised by it. Especially in today's world
where instruction tell you to download the rpm and install it manually I
think it is important to default to being as safe as possible by
default.

I think we should:

 * Switch the default local gpg check to true
  - this removes surprise when you learn you've been installing
    unchecked software for ... years? If they want it, it can be set
    back to false by the user.

 * Don't apply the local flag to rpms downloaded from a url by dnf.
   Treat them as if they came from a repo.
  - users (or me) don't know all the internal paths inside dnf, the
    expectation is that a url isn't a local file.

Brian

-- 
Brian C. Lane (PST8PDT) - weldr.io - lorax - parted - pykickstart
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux