diff options
author | David Kalnischkies <david@kalnischkies.de> | 2016-06-20 20:50:43 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2016-06-22 14:05:01 +0200 |
commit | d03b947b0ce4f87d7d5cc48d4d274ab3bd0b289a (patch) | |
tree | 36b17da3040ffc4181e20e4b1c254671c2b24e3a /doc/apt.conf.5.xml | |
parent | 5da51e0e2da3f055306562d38103b06a23d81719 (diff) |
add insecure (and weak) allow-options for sources.list
Weak had no dedicated option before and Insecure and Downgrade were both
global options, which given the effect they all have on security is
rather bad. Setting them for individual repositories only isn't great
but at least slightly better and also more consistent with other
settings for repositories.
Diffstat (limited to 'doc/apt.conf.5.xml')
-rw-r--r-- | doc/apt.conf.5.xml | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml index 015401605..dfdd0eabf 100644 --- a/doc/apt.conf.5.xml +++ b/doc/apt.conf.5.xml @@ -653,7 +653,17 @@ APT::Compressor::rev { Allow update operations to load data files from repositories without sufficient security information. The default value is "<literal>false</literal>". - Concept and implications of this are detailed in &apt-secure;. + Concept, implications as well as alternatives are detailed in &apt-secure;. + </para></listitem> + </varlistentry> + + <varlistentry><term><option>AllowWeakRepositories</option></term> + <listitem><para> + Allow update operations to load data files from + repositories which provide security information, but these + are deemed no longer cryptographically strong enough. + The default value is "<literal>false</literal>". + Concept, implications as well as alternatives are detailed in &apt-secure;. </para></listitem> </varlistentry> @@ -664,9 +674,7 @@ APT::Compressor::rev { for a previously trusted repository apt will refuse the update. This option can be used to override this protection. You almost certainly never want to enable this. The default is <literal>false</literal>. - - Note that apt will still consider packages from this source - untrusted and warns about them if you try to install them. + Concept, implications as well as alternatives are detailed in &apt-secure;. </para></listitem> </varlistentry> |