[xen-tools-discuss] Security concerns with calling "apt-get --force-yes"
Sebastian Pipping
sebastian at pipping.org
Wed Jan 28 11:57:43 CET 2015
Hello!
It came to my attention that functions
installDebianPackage
installDebianPackageAndRecommends
of ./hooks/common.sh and also
./bin/xen-update-image
call to "apt-get --force-yes", directly.
The complete list of Xen tools calling "apt-get --force-yes" (both
direct and indirect) seems to be:
xen-create-image
xen-update-image
xt-customize-image
If I am not mistaken, --force-yes makes apt-get ignore GPG verification
errors which may lead to installation of malicious Debian packages in a
man-in-the-middle scenario.
"man apt-get" says about "--force-yes":
--force-yes
Force yes; this is a dangerous option that will cause apt to
continue without prompting if it is doing something potentially
harmful. It should not be used except in very special situations.
Using force-yes can potentially destroy your system!
My current suggestion would be to remove the --force-yes parameter.
What do you think?
Best,
Sebastian
More information about the xen-tools-discuss
mailing list