[prev in list] [next in list] [prev in thread] [next in thread]
List: haiku-bugs
Subject: [haiku-bugs] Re: [Haiku] #17331: Repository signature validation in pkgman via minisign
From: "Haiku" <trac () haiku-os ! org>
Date: 2023-10-31 15:58:39
Message-ID: 060.1ae1cf97d75e5f577fd4bfa422d9373c () haiku-os ! org
[Download RAW message or body]
--===============2602277103472536132==
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
#17331: Repository signature validation in pkgman via minisign
----------------------------+----------------------------------------------
Reporter: kallisti5 | Owner: nobody
Type: enhancement | Status: new
Priority: high | Milestone: R1/beta5
Component: Kits/Package | Version: R1/Development
Kit |
Resolution: | Keywords: packages minisig security sprint
Blocked By: | Blocking:
Platform: All |
----------------------------+----------------------------------------------
Comment (by kallisti5):
See https://review.haiku-os.org/c/haiku/+/7088 for a first "quick-and-
dirty" solution. Long term this needs to be better and integrated within
the package kit since the logic is still a little loose around "getting
and validating minisign is valid from the repo you're about to validate"
Fun fact.. this tool uncovered that it doesn't look like haikuports is
properly signing repo files.
-- =
Ticket URL: <https://dev.haiku-os.org/ticket/17331#comment:4>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.
--===============2602277103472536132==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic