Verify keyring .deb signature in install.sh; remove PODUP_INSECURE_SKIP_VERIFY bypass #314

Description

@Jaro-c

Government-readiness security audit (verified vs install.sh source).

  • chore: add repository baseline #1 `install.sh:168-169` — `--apt` path runs `dpkg -i` on `glyndor-archive-keyring.deb` as root with no Ed25519/SHA verification. MITM/CDN-compromise = root code exec. Add signature+checksum verification before `dpkg -i`.
  • release: promote develop to main #2 `install.sh:220-228` — `PODUP_INSECURE_SKIP_VERIFY=1` is a documented crypto bypass. Remove it, or gate behind a non-default build flag with an audit log line.

Blocks government deployment.
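
A sketch of the fail-closed check the first finding asks for, with no skip variable as the second finding asks. This is an added example, not code from `install.sh` or the project; the function names are hypothetical, and the pinned digest and PEM public key are assumed to reach the installer over a trusted path.

```shell
#!/bin/sh
# Added example, not the project's install.sh. Hypothetical names:
# sha256_of, verify_keyring_deb, install_keyring. The pinned digest and the
# PEM public key are assumed to ship with the installer over a trusted path.

sha256_of() {
    # Print the lowercase hex SHA-256 of file $1 with whichever tool exists.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        return 1
    fi
}

verify_keyring_deb() {
    # $1 .deb path, $2 pinned SHA-256 hex, $3 detached Ed25519 signature,
    # $4 PEM public key. Returns 0 only when every check passes.
    deb=$1; want=$2; sig=$3; pub=$4
    [ -f "$deb" ] && [ -n "$want" ] || return 1
    got=$(sha256_of "$deb") || return 1
    want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
    if [ -z "$got" ] || [ "$got" != "$want" ]; then
        echo "keyring: SHA-256 mismatch" >&2; return 1
    fi
    if [ ! -f "$sig" ] || [ ! -f "$pub" ]; then
        echo "keyring: signature or public key missing" >&2; return 1
    fi
    # Ed25519 is verified one-shot over the raw file: -rawin, OpenSSL 3.0+.
    # An older openssl fails here, which also refuses the install.
    openssl pkeyutl -verify -pubin -inkey "$pub" -rawin \
        -in "$deb" -sigfile "$sig" >/dev/null 2>&1 || {
        echo "keyring: Ed25519 signature invalid" >&2; return 1
    }
}

install_keyring() {
    # Verification is unconditional: no environment variable is consulted,
    # so PODUP_INSECURE_SKIP_VERIFY cannot shorten this path.
    verify_keyring_deb "$@" || {
        echo "refusing to install unverified keyring" >&2; return 1
    }
    dpkg -i "$1"   # reached only after checksum and signature both pass
}
```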

Labels

  • area:installer (Subsystem: installer)
  • prio:P0 (Critical — drop everything)
  • status:ready (Ready to be worked on)
  • type:security (Security-relevant change)