From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-apps-return-37251-listarch-cygwin-apps=sources.redhat.com@cygwin.com>
Received: (qmail 49358 invoked by alias); 16 Apr 2016 10:15:52 -0000
Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm
Precedence: bulk
Sender: cygwin-apps-owner@cygwin.com
List-Id: <cygwin-apps.cygwin.com>
List-Subscribe: <mailto:cygwin-apps-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin-apps/>
List-Post: <mailto:cygwin-apps@cygwin.com>
List-Help: <mailto:cygwin-apps-help@cygwin.com>, <http://sourceware.org/lists.html#faqs>
Mail-Followup-To: cygwin-apps@cygwin.com
Received: (qmail 49313 invoked by uid 89); 16 Apr 2016 10:15:51 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.1 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=offer, interest
X-HELO: mail-in-10.arcor-online.net
Received: from mail-in-10.arcor-online.net (HELO mail-in-10.arcor-online.net) (151.189.21.50) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (CAMELLIA256-SHA encrypted) ESMTPS; Sat, 16 Apr 2016 10:15:41 +0000
Received: from mail-in-16-z2.arcor-online.net (mail-in-16-z2.arcor-online.net [151.189.8.33])	by mx.arcor.de (Postfix) with ESMTP id 3qn9K55j6cz8VDr	for <cygwin-apps@cygwin.com>; Sat, 16 Apr 2016 12:15:37 +0200 (CEST)
Received: from mail-in-09.arcor-online.net (mail-in-09.arcor-online.net [151.189.21.49])	by mail-in-16-z2.arcor-online.net (Postfix) with ESMTP id BA37321E452	for <cygwin-apps@cygwin.com>; Sat, 16 Apr 2016 12:15:37 +0200 (CEST)
X-DKIM: Sendmail DKIM Filter v2.8.2 mail-in-09.arcor-online.net 3qn9K441q4z9JW1
Received: from Gertrud (p54B46F42.dip0.t-ipconnect.de [84.180.111.66])	(Authenticated sender: stromeko@arcor.de)	by mail-in-09.arcor-online.net (Postfix) with ESMTPSA id 3qn9K441q4z9JW1	for <cygwin-apps@cygwin.com>; Sat, 16 Apr 2016 12:15:36 +0200 (CEST)
From: Achim Gratz <Stromeko@nexgo.de>
To: cygwin-apps@cygwin.com
Subject: [RFC] locked-down setup
Date: Sat, 16 Apr 2016 10:15:00 -0000
Message-ID: <87vb3hg8qg.fsf@Rainer.invalid>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.92 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-SW-Source: 2016-04/txt/msg00024.txt.bz2


For the Cygwin installer at work I've locked down setup to not accept
nor read in extra keys and to always check the signatures (and exit when
there is no signature present).  Of course I've also changed the
built-in key.

If there's general interest in such a modification I'd offer to develop
that patch into a proper configure option.

Also, the documentation of how to extract the key data has bit-rotted
somewhat, I've been using the gpg to extract the key parameters.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Wavetables for the Terratec KOMPLEXER:
http://Synth.Stromeko.net/Downloads.html#KomplexerWaves