should support verifying signature on tree to build
Bug #810579 reported by
Jelmer Vernooij
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| brz-debian |
Triaged
|
Wishlist
|
Unassigned | ||
| bzr-builddeb |
Triaged
|
Wishlist
|
Unassigned | ||
Bug Description
bzr builddeb supports building from remote branches, e.g. over http. It would be nice if it would be possible to require signatures on remote trees that are built to detect MITM attacks.
Similarly, it would be nice to see if a remote tree that has been cloned locally was created by somebody trusted by the current user - building a package involves running scripts on the local machine.
| Changed in brz-debian: | |
| status: | New → Triaged |
| importance: | Undecided → Wishlist |
To post a comment you must log in.
