RFE: Add configurable signature checking policies
Bug #637224 reported by
Jeff Johnson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
RPM |
In Progress
|
High
|
Jeff Johnson | ||
CentOS |
New
|
Unknown
|
|||
Fedora |
Won't Fix
|
Medium
|
Bug Description
tracker
tags: | added: rpm.org sign |
Changed in centos: | |
status: | Unknown → New |
Changed in rpm: | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Jeff Johnson (n3npq) |
Changed in fedora: | |
importance: | Unknown → Medium |
status: | Unknown → Won't Fix |
To post a comment you must log in.
It would be nice to be able to add something to a config file that would make
the "require a valid signature" a *local* default.
IMHO, this might be implemented as a configuration/macro variable that specifies
how much attention should be payed to signatures. The values should probably be:
- ignore (do not check the signatures unless explicitly requested - e.g.
pre-4.1 behavior).
- warn (current Limbo behavior)
- error (abort if signature is present, but can not be checked or fails)
- require (same as "error", but also abort if no signature present).
( According to Jeff Johnson, lib/package.c already contains a comment: enable/ warn/error/ anal policy. */ )
/** @todo Implement disable/
It should be possible to specify the value of this macro both in a config file
(which would ship with "warn" by default) and on command line (with command line
taking precedence)...
This way for people who do not care that much it would look identical to how it
looks right now, but people who care more, can always replace "warn" with
"error" or "require" in their config files (and still be able to override it on
command line when desired).