undefined | Better HN

0 pointsmoe11y ago0 comments

Yes, apt is indeed one of the best we have (the one-eyed amongst the blind).

Sadly it's still using a flawed[1] trust model where you trust repositories rather than publishers. And the UI-shim over GnuPG is 'basic' at best (to put it politely).

To add insult to injury deb/dpkg itself actually does contain a mechanism for package-level signing. But as far as I know no distro is using it.

To add even more insult to injury, all mobile platforms and both Windows and OSX have more reasonable package security models than Linux today.

[1] This is fine for guarding against compromised mirrors - and not much else.

0 comments

tomn11y ago

The signing used by pacman (on arch) seems relatively nice, in that individual packages are signed by the maintainer rather than the repository.

Whether or not this buys you any extra security, I'm not sure. In reality I don't think many users check maintainer keys when asked if they want to trust them, but they could.

j / k navigate · click thread line to collapse