diff options
| author | Julian Andres Klode <julian.klode@canonical.com> | 2019-12-02 11:46:49 +0100 |
|---|---|---|
| committer | Julian Andres Klode <julian.klode@canonical.com> | 2019-12-02 14:27:38 +0100 |
| commit | 93f33052de84e9aeaf19c92291d043dad2665bbd (patch) | |
| tree | 667c4240b6f6fb9c91ae20b655478508b09d6214 /doc | |
| parent | 1690c3f87ae45a41e8d3e09bf0b1021c008460b9 (diff) | |
netrc: Restrict auth.conf entries to https by default
This avoids downgrade attacks where an attacker could inject
Location: http://private.example/
and then (having access to raw data to private.example, for example,
by opening a port there, or sniffing network traffic) read the credentials
for the private repository.
Closes: #945911
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/apt_auth.conf.5.xml | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/doc/apt_auth.conf.5.xml b/doc/apt_auth.conf.5.xml index e7961ef81..99394be00 100644 --- a/doc/apt_auth.conf.5.xml +++ b/doc/apt_auth.conf.5.xml @@ -50,7 +50,7 @@ Unknown tokens will be ignored. Tokens may be separated by spaces, tabs or newli <variablelist> <varlistentry> -<term><literal>machine</literal> <replaceable>hostname</replaceable>[:<replaceable>port</replaceable>][/<replaceable>path</replaceable>]</term> +<term><literal>machine</literal> <replaceable>[protocol://]</replaceable><replaceable>hostname</replaceable>[:<replaceable>port</replaceable>][/<replaceable>path</replaceable>]</term> <listitem><para>Entries are looked up by searching for the <emphasis><literal>machine</literal></emphasis> token matching the hostname of the URI apt needs login information for. Extending the netrc-format @@ -60,7 +60,8 @@ different login information reside on the same server. A machine token with a pa matches if the path in the URI starts with the path given in the token. Once a match is made, the subsequent tokens are processed, stopping when the end of file is reached or another <emphasis><literal>machine</literal></emphasis> -token is encountered.</para></listitem> +token is encountered.</para> +<para>If protocol is not specified, the entry only matches https and tor+https.</para></listitem> </varlistentry> <varlistentry> @@ -80,9 +81,9 @@ token is encountered.</para></listitem> <refsect1><title>Example</title> <para>Supplying login information for a user named <literal>apt</literal> with the password <literal>debian</literal> for the &sources-list; entry -<literallayout>deb http://example.org/debian &debian-stable-codename; main</literallayout> +<literallayout>deb https://example.org/debian &debian-stable-codename; main</literallayout> could be done in the entry directly: -<literallayout>deb http://apt:debian@example.org/debian &debian-stable-codename; main</literallayout> +<literallayout>deb https://apt:debian@example.org/debian &debian-stable-codename; main</literallayout> Alternatively an entry like the following in the auth.conf file could be used: <literallayout>machine example.org login apt @@ -95,7 +96,7 @@ machine example.org/debian login apt password debian machine example.org/debian/ login apt password debian </literallayout> On the other hand neither of the following lines apply: -<literallayout>machine example.org:80 login apt password debian +<literallayout>machine example.org:443 login apt password debian machine example.org/deb/ login apt password debian machine example.org/ubuntu login apt password debian machine example.orga login apt password debian @@ -111,6 +112,9 @@ also the implementation slightly. For maximum backward compatibility you should avoid multiple <literal>machine</literal> tokens with the same hostname, but if you need multiple they should all have a path specified in the <literal>machine</literal> token.</para> +<para>Login information in auth.conf are more flexible than those in sources.list. For +example, login information can be specified for parts of a repository only, or if the +sources.list entry redirects elsewhere, login information for the redirect destination can be supplied.</para> </refsect1> <refsect1> |