[Aptitude-devel] Bug#878166: aptitude: feature request: admins should determine their security stand team

Nomen Nescio nobody at dizum.com
Tue Oct 10 17:09:15 UTC 2017 

Package: aptitude
Version: 0.6.11-1+b1
Severity: wishlist

Dear Maintainer,

Aptitude developers have taken the liberty of deciding for everyone
subjectively what quality of cryptographic signature is adequate for
everyone in a single sweeping decision, without knowing the individual
threat models and assets that the decision is trying to protect.  This
decision is in the wrong hands.  Specifically, consider the SHA1
removal, documented here:

  https://wiki.debian.org/Teams/Apt/Sha1Removal

If the apt team must decide on everyones security standards, blocking
SHA1 was a good move.  But that's not the case.  The apt suite of
tools could have some sensible defaults as far as which signing
algorithms are accepted or not, but ultimately the admin should be in
control of her own system.  Maybe an admin finds SHA256 insufficient,
and requires an even higher standard.  Who is the apt team to tell her
which algorithm she may and may not trust?

There is a hack to say trust all, which can even be used on a per
repository basis or all repositories, but this is the wrong mechanism
as it disables validity checking entirely.  The sys admin should
control which algorithms are fit for purpose, and the apt tool should
check validity on admin-permitted algorithms.

-- Package-specific info:
Terminal: screen
$DISPLAY is set.
which aptitude: /usr/bin/aptitude

aptitude version information:
aptitude 0.6.11 compiled at Nov  8 2014 13:34:39
Compiler: g++ 4.9.1
Compiled against:
  apt version 4.12.0
  NCurses version 5.9
  libsigc++ version: 2.4.0
  Gtk+ support disabled.
  Qt support disabled.

Current library versions:
  NCurses version: ncurses 5.9.20140913
  cwidget version: 0.5.17
  Apt version: 4.12.0

aptitude linkage:
	linux-vdso.so.1 (0x00007ffde62f0000)
	/usr/lib/torsocks/libtorsocks.so (0x00007f561b870000)
	libapt-pkg.so.4.12 => /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.12 (0x00007f561b500000)
	libncursesw.so.5 => /lib/x86_64-linux-gnu/libncursesw.so.5 (0x00007f561b2ca000)
	libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f561b0a0000)
	libsigc-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libsigc-2.0.so.0 (0x00007f561ae9a000)
	libcwidget.so.3 => /usr/lib/x86_64-linux-gnu/libcwidget.so.3 (0x00007f561ab84000)
	libsqlite3.so.0 => /usr/lib/x86_64-linux-gnu/libsqlite3.so.0 (0x00007f561a8bb000)
	libboost_iostreams.so.1.55.0 => /usr/lib/x86_64-linux-gnu/libboost_iostreams.so.1.55.0 (0x00007f561a6a3000)
	libxapian.so.22 => /usr/lib/libxapian.so.22 (0x00007f561a292000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f561a075000)
	libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f5619d6a000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f5619a69000)
	libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f5619853000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f56194a8000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f56192a4000)
	libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f56190a1000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f5618e86000)
	libbz2.so.1.0 => /lib/x86_64-linux-gnu/libbz2.so.1.0 (0x00007f5618c76000)
	liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f5618a53000)
	librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f561884b000)
	libuuid.so.1 => /lib/x86_64-linux-gnu/libuuid.so.1 (0x00007f5618646000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f561c0d5000)

-- System Information:
Debian Release: 8.6
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages aptitude depends on:
ii  aptitude-common           0.6.11-1
ii  libapt-pkg4.12            1.0.9.8.3
ii  libboost-iostreams1.55.0  1.55.0+dfsg-3
ii  libc6                     2.19-18+deb8u6
ii  libcwidget3               0.5.17-2
ii  libgcc1                   1:4.9.2-10
ii  libncursesw5              5.9+20140913-1+b1
ii  libsigc++-2.0-0c2a        2.4.0-1
ii  libsqlite3-0              3.8.7.1-1+deb8u2
ii  libstdc++6                4.9.2-10
ii  libtinfo5                 5.9+20140913-1+b1
ii  libxapian22               1.2.19-1+deb8u1

Versions of packages aptitude recommends:
ii  aptitude-doc-en [aptitude-doc]  0.6.11-1
ii  libparse-debianchangelog-perl   1.2.0-1.1
ii  sensible-utils                  0.0.9

Versions of packages aptitude suggests:
ii  apt-xapian-index  0.47
pn  debtags           <none>
ii  tasksel           3.31+deb8u1

-- no debconf information

More information about the Aptitude-devel mailing list