Author Topic: Corrupted databases behind logon proxies  (Read 357 times)

0 Members and 1 Guest are viewing this topic.

Offline dr.phees

  • Jr. Mitglied
  • **
  • Posts: 84
  • BeerByBitcoin: 148FtVLvWS6jPuTKbrc6UrKwUdaFkzQubK
  • Branch: stable
  • Desktop: Xfce mostly
  • Skill: Novice
Corrupted databases behind logon proxies
« on: 28. April 2016, 09:40:41 »
When I find myself in a network using a logon proxy which bends every network request to the logon page, I find that pacman ends up with corrupted databases as soon as it auto-checks for updates.

Usually I logon at some point, but the corrupted databases prohibit installing/updating new software until they are deleted and freshly updated.

I guess pacman accepts the proxy requests (basically the logon-page) as a database upgrade and does something bad to its repo databases. Shouldn't pacman check the content (and signing) of any data first before writing anything to its files? I would guess this might harbour an interesting vulnerability. Is there a way to prevent this (whithout changing my auto-check settings)?
Buy me a BeerByBitcoin: 148FtVLvWS6jPuTKbrc6UrKwUdaFkzQubK