Refering to this issue, on Ubuntu 20.04, I know I could add a flag --allow-releaseinfo-change update to fix the issue when doing apt-get update but what would the cons be by using this flag? What would be the implication going forward? Does it introduce any security issue going forward?
Asked
Active
Viewed 3,905 times
1 Answers
4
Potentially - "Yes, it does add a risk."
This is evident from reading the documentation on the --allow-releaseinfo-change option in man apt-get. Specifically, man apt-secure describes and discusses its role in ensuring the integrity of the archives from which updates & upgrades are drawn. This risk applies to both signed and unsigned repositories.
The documentation further suggests that this risk may be mitigated through the use of speciality options that limit acceptable changes to certain fields (labels) in the repo; for example, suite. See the documentation for all the details.
-
Could you please provide a link to the documentation (or specify exactly which man pages) that provides all the details of the speciality options that limit acceptable changes to certain fields? You give the example `suite`, but a comprehensive list with meanings would be more useful! – William Gallafent Aug 22 '22 at 11:17
-
@WilliamGallafent: Have you looked at `man apt-get`, followed the references cited there, and in the `SEE ALSO` section of those man pages? IoW - I don't know specifically where these are listed, but if I were keen to know them all, that's where I'd go. – Aug 22 '22 at 20:39