From 952ee63b0af14a534c0aca00c11d1a99be6b22b2 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Fri, 18 Mar 2016 14:46:24 +0100
Subject: forbid insecure repositories by default expect in apt-get

With this commit all APT-based clients default to refusing to work with
unsigned or otherwise insufficently secured repositories. In terms of
apt and apt-get this changes nothing, but it effects all tools using
libapt like aptitude, synaptic or packagekit.

The exception remains apt-get for stretch for now as this might break
too many scripts/usecases too quickly.

The documentation is updated and extended to reflect how to opt out or
in on this behaviour change.

Closes: 808367
---
 apt-pkg/init.cc | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'apt-pkg/init.cc')

diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
index a41d604d3..c77e8e2fe 100644
--- a/apt-pkg/init.cc
+++ b/apt-pkg/init.cc
@@ -86,10 +86,7 @@ bool pkgInitConfig(Configuration &Cnf)
    Cnf.Set("Dir::Ignore-Files-Silently::", "\\.distUpgrade$");
 
    // Repository security
-   // FIXME: this is set to "true" for backward compatibility, once
-   //        jessie is out we want to change this to "false" to
-   //        improve security
-   Cnf.CndSet("Acquire::AllowInsecureRepositories", true);
+   Cnf.CndSet("Acquire::AllowInsecureRepositories", false);
    Cnf.CndSet("Acquire::AllowDowngradeToInsecureRepositories", false);
 
    // Default cdrom mount point
-- 
cgit v1.2.3