From 952ee63b0af14a534c0aca00c11d1a99be6b22b2 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 18 Mar 2016 14:46:24 +0100 Subject: forbid insecure repositories by default expect in apt-get With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367 --- doc/apt-get.8.xml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'doc/apt-get.8.xml') diff --git a/doc/apt-get.8.xml b/doc/apt-get.8.xml index 20d761075..8fc6cc26d 100644 --- a/doc/apt-get.8.xml +++ b/doc/apt-get.8.xml @@ -563,8 +563,9 @@ Forbid the update command to acquire unverifiable - data from configured sources. Apt will fail at the update command - for repositories without valid cryptographically signatures. + data from configured sources. APT will fail at the update command + for repositories without valid cryptographically signatures. See + also &apt-secure; for details on the concept and the implications. Configuration Item: Acquire::AllowInsecureRepositories. -- cgit v1.2.3