From 954d30df8d8b0fb4fa203d09674a4fe1e990e55c Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 13 Oct 2014 09:39:25 +0200 Subject: Document Acquire{MaxReleaseFileSize,AllowInsecureRepositories,AllowDowngradeToInsecureRepositories} and --no-allow-insecure-repositories Document the new options to restrict loading unauthenticated data into our parsers. --- doc/apt.conf.5.xml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'doc/apt.conf.5.xml') diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml index 0f98a6fe9..efe986ea8 100644 --- a/doc/apt.conf.5.xml +++ b/doc/apt.conf.5.xml @@ -586,6 +586,38 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";}; + + + The maximum file size of Release/Release.gpg/InRelease files. + The default is 10MB. + + + + + + Allow the update operation to load data files from + a repository without a trusted signature. If enabled this + option no data files will be loaded and the update + operation fails with a error for this source. The default + is false for backward compatibility. This will be changed + in the future. + + + + + + Allow that a repository that was previously gpg signed to become + unsigned durign a update operation. When there is no valid signature + of a perviously trusted repository apt will refuse the update. This + option can be used to override this protection. You almost certainly + never want to enable this. The default is false. + + Note that apt will still consider packages from this source + untrusted and warn about them if you try to install + them. + + + -- cgit v1.2.3