Bug #15847

Audit our usage of apt/apt-get's --force-yes option

Added by intrigeri 2018-08-26 04:59:41 . Updated 2018-08-27 04:54:59 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2018-08-26
Due date:
% Done:

100%

Feature Branch:
Type of work:
Security Audit
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

“This option name doesn’t sound very dangerous, but it makes APT assume
the “yes” answer to all questions, including the question about
installing packages that couldn’t be authenticated…"

Both the build system and ASP might be impacted.


Subtasks


Related issues

Blocks Tails - Feature #15334: Core work 2018Q3: Foundations Team Resolved 2018-02-20

History

#1 Updated by intrigeri 2018-08-26 04:59:59

#2 Updated by intrigeri 2018-08-26 05:00:56

  • Description updated

#3 Updated by intrigeri 2018-08-27 04:54:59

  • Status changed from Confirmed to Resolved
  • Assignee deleted (intrigeri)
  • % Done changed from 0 to 100
  • Private changed from Yes to No

False alarm, I was confusing this option with -y. I’ve checked tails.git, our submodules and our Puppet code: we don’t use --force-yes at all.