Use a long keyid for Onlyoffice's Debian repo
Short keyids are easy to spoof, making the GPG signature verification of packages ineffective against most attackers. See https://evil32.com/
This commit is contained in:
parent
8a02d9fbe4
commit
c4f20cf8ca
1 changed files with 1 additions and 1 deletions
|
@ -6,7 +6,7 @@ ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=nonint
|
|||
RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
||||
apt-get -y update && \
|
||||
apt-get -yq install wget apt-transport-https curl locales && \
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CB2DE8E5 && \
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
|
||||
locale-gen en_US.UTF-8 && \
|
||||
curl -sL https://deb.nodesource.com/setup_6.x | bash - && \
|
||||
apt-get -y update && \
|
||||
|
|
Loading…
Reference in a new issue