diff options
author | David Kalnischkies <david@kalnischkies.de> | 2016-11-25 17:42:47 +0100 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2016-12-16 13:50:00 +0100 |
commit | d20643cc0ac89ee30cf0e546d689e67085294ace (patch) | |
tree | d7736270427c975771efea9f87f15a5e8c5acfcc /apt-private | |
parent | fc336f09356c1db63094e377a65033d5ec00b983 (diff) |
default to --no-check for dpkg-source call
In bug #757534 the opposite direction was initially requested, but what
we did end up with was having a possibility to configure the options
passed to dpkg. The reasoning given their and in #724744 is specific why
apt doesn't need the checks to be performed by dpkg. In fact, what these
two reports show is that if those checks are run people end up being
confused about the requirement of them being run, so given the best case
those checks can do is do nothing (visibly) while the worst cases are
warnings and errors which are neither we are from a security point
better of with disabling them – as (as mentioned in the bugreports)
false positives for issues are really really bad in a security context.
Closes: 724744
Diffstat (limited to 'apt-private')
-rw-r--r-- | apt-private/private-source.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apt-private/private-source.cc b/apt-private/private-source.cc index 3b10399d3..68935d97d 100644 --- a/apt-private/private-source.cc +++ b/apt-private/private-source.cc @@ -520,7 +520,7 @@ bool DoSource(CommandLine &CmdL) else { // Call dpkg-source - std::string const sourceopts = _config->Find("DPkg::Source-Options", "-x"); + std::string const sourceopts = _config->Find("DPkg::Source-Options", "--no-check -x"); std::string S; strprintf(S, "%s %s %s", _config->Find("Dir::Bin::dpkg-source","dpkg-source").c_str(), |