[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-user
Subject:    Virus and non-official .deb's
From:       Roberto Diaz <rdiazmartin () vivaldi ! ddts ! net>
Date:       2001-03-31 18:44:11
[Download RAW message or body]

> Roberto writes:
> > What chances do we have to get a virus from a malicious .deb package
> > someone had leak into debian.org?
> 
> It would have to acquire the signature of a Debian developer to get into
> unstable, remain dormant for at least two weeks to get into testing, and
> lie dormant there until the next release in order to get into stable.

Yes but shouldt we wipe out from our sources.list non-official sites?

They could be dangerous... 

For example I have this: 

# Galeon web browser
deb ftp://galeon.sourceforge.net/pub/galeon/nightly/debian galeonpotato/

Of course I am **not** telling that people from galeon are going to send
us a virus.. in fact they are not this is just an example of .deb's I can
recieve from non-official sites.

But in a lot of places you can find things like:

"For debian potato add the following to your sources.list... etc.." 

Someone could leak a virus into your system this way...


Regards

Roberto

------------------------------------------------------------------------
Roberto Diaz <rdiazmartin@vivaldi.ddts.net>
http://vivaldi.ddts.net 
Powered by ddt dynamic DNS
Powered by GNU running on a Linux kernel.
Powered by Debian (The real wonder)

Concerto Grosso Op. 3/8 A minor
Antonio Vivaldi (so... do you need beautiful words?)
------------------------------------------------------------------------


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]