Language Selection

English French German Italian Portuguese Spanish

Announcing extrepo

Filed under
Debian

While there is a tool to enable package signatures in Debian packages, the dpkg tool does not enforce the existence of such signatures, and therefore it is possible for an attacker to replace the (signed) .deb file with an unsigned variant, bypassing the whole signature.

In an effort to remedy this whole situation, I looked at creating extrepo, a package that would download repository metadata from a special-purpose repository, verify the signatures placed on that metadata, and if everything matches, enable the repository by creating the necessary apt configuration files.

This should allow users to enable external repository "foo" by running extrepo enable foo, rather than downloading a script from foo's website and executing it as root -- or other similarly insecure options.

Read more

extrepo followup

  • extrepo followup

    My announcement the other day has resulted in a small amount of feedback already (through various channels), and a few extra repositories to be added. There was, however, enough feedback (and the manner of it unstructured enough) that I think it's time for a bit of a follow-up...

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

7 free GIMP scripts and plug-ins for filters, brushes, textures and more

The free and open source photo-editing program called GIMP (GNU Image Manipulation Program) is a nice alternative to the subscription-based or boxed versions of its competition (including PhotoShop). Whether you’re a beginner with GIMP or a seasoned pro, there’s lots to love. Some of GIMP’s greatest assets are the plugins and scripts created by numerous independent programmers. At one time, there was a massive collection called the GIMP Plugin Registry, but that resource is no longer available. Consequently, you must search the Internet for GIMP plug-ins and scripts. To start you on the right track, we’ve selected our favorite plugins and scripts for you to try, with a brief description of each, and a link to the resource location. First; however, we should explain the complicated process of how to install these treasures and where to find them on the GIMP menus. Read more

Android Leftovers

Get started with Lumina for your Linux desktop

For a good number of years, there was a desktop operating system (OS) based on FreeBSD called PC-BSD. It was intended as an OS for general use, which was noteworthy because BSD development mostly focuses on servers. For most of its life, PC-BSD shipped with the KDE desktop by default, but the more KDE came to depend on Linux-specific technology, the more PC-BSD migrated away from it. PC-BSD became Trident, and its default desktop is Lumina, a collection of widgets written to use the same Qt toolkit that KDE is based upon, running on the Fluxbox window manager. You may find the Lumina desktop in your Linux distribution's software repository or in BSD's ports tree. If you install Lumina and you're already running another desktop, you may find yourself with redundant applications (two PDF readers, two file managers, and so on) because Lumina includes a few integrated applications. If you just want to try the Lumina desktop, you can install a Lumina-based BSD distribution in a virtual machine, such as GNOME Boxes. Read more

Android Leftovers