| commit | 7d961c849bf4dab481e261bdb91304f6a4744d8c | |
| author | Dan McGee <dan@archlinux.org> | |
| Wed, 21 Sep 2011 21:19:12 +0000 (21 16:19 -0500) | ||
| committer | Dan McGee <dan@archlinux.org> | |
| Thu, 22 Sep 2011 16:15:39 +0000 (22 11:15 -0500) | ||
| tree | 9ca528ab4bee432ca0aedf8289fe7cc3f4f4f973 | treesnapshot (tar.gz zip) |
| parent | 6767de5380d97f6544ca3968b83b74120dfcbeca | commitdiff |
pacman-key: disable, don't remove, revoked keys
Unlike our protégé apt-key, removing a key from our keyring is not
sufficient to prevent it from being trusted or used for verification. We
are better off flagging it as disabled and leaving it in the keyring so
it cannot be reimported or fetched at a later date from a keyserver and
continue to be used.
Implement the logic to disable the key instead of delete it, figuring
out --command-fd in the process.
Note that the surefire way to disable a key involves including said key
in the keyring package, such that it is both in foobar.gpg and
foobar-revoked.
Signed-off-by: Dan McGee <dan@archlinux.org>
Unlike our protégé apt-key, removing a key from our keyring is not
sufficient to prevent it from being trusted or used for verification. We
are better off flagging it as disabled and leaving it in the keyring so
it cannot be reimported or fetched at a later date from a keyserver and
continue to be used.
Implement the logic to disable the key instead of delete it, figuring
out --command-fd in the process.
Note that the surefire way to disable a key involves including said key
in the keyring package, such that it is both in foobar.gpg and
foobar-revoked.
Signed-off-by: Dan McGee <dan@archlinux.org>
| scripts/pacman-key.sh.in | diffblobblamehistory |