Debian Bug report logs - #890841
apt-key add does not report key fingerprint or key metadata.

Package: apt; Maintainer for apt is APT Development Team <[email protected]>; Source for apt is src:apt.

Reported by: Nathan Wilcox <[email protected]>

Date: Mon, 19 Feb 2018 20:33:02 UTC

Severity: wishlist

Tags: security

Found in version apt/1.4.8




Message #5 received at [email protected]:

From: Nathan Wilcox <[email protected]>
To: Debian Bug Tracking System <[email protected]>
Subject: apt-key add does not report key fingerprint or key metadata.
Date: Mon, 19 Feb 2018 12:29:46 -0800
Package: apt
Version: 1.4.8
Severity: important
Tags: security

I. Requested Change:

Alter apt-key add to print out the full GPG fingerprint(s) and metadata for each key imported.


II. Motivation:

This improves the chance that a critical mass of users would notice a compromise of commonly used apt package signing keys in the off chance that they include this fingerprint output in bug reports, logs, or active verification between peers.


III. Background:

I frequently encounter installation advice that follows a basic formula:

1. fetch package signing keys via curl via https, pipe them to apt-key add.
2. add a source to sources.list.
3. apt update && apt install $PACKAGE

For example, here is the literal install advice for Signal Desktop from 
https://signal.org/download/ as of 2018-02-19:

> curl -s https://updates.signal.org/desktop/apt/keys.asc | sudo apt-key add -
> echo "deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main" | sudo tee -a /etc/apt/sources.list.d/signal-xenial.list
> sudo apt update && sudo apt install signal-desktop

When following this advice users are relying on curl's authentication via HTTPS for permanently modifying their local machine's package authentication trust profile. When I run the first step, all that `apt-key add -` outputs is "OK".

I just now wanted to ask several peers who I know would be capable of looking up the fingerprint of the key I just fetched. This is possible by running:

$ gpg --keyring /etc/apt/trusted.gpg --list-keys --fingerprint

and then figuring out which key is relevant.

With the requested change, I would be saved one step, making it more likely that more users will do this in practice.


IV. Drawbacks / Criticisms / Concerns:

Some may argue that this change doesn't help for several reasons, which I respond to here:

a. This doesn't solve the authentication issue. Users can't tell if they have the right fingerprint in the first place.

The purpose of adding this feature is to improve detection of anomalies, such as suspicious changes in signing keys, not to solve the identification / authentication problem. Attacks can either be detected or undetected. A detected attack is much less useful because targets can react to protect themselves.


b. Replacing package signing keys is too sophisticated of an attack to happen in real life. Other attacks are much more likely.

A single successful attack against critically important software could impact a large population and also high-value targets within a population. The evaluation of whether or not a sophisticated attack is worth it depends on the value of compromising the target, the sophistication or cost of executing the attack, and the downside risks such as detection. It's naive to assume an attack is "too sophisticated to happen" without knowing the attacker's own cost/benefit profile.

However, we know that detecting an attack adds a major downside risk for many attackers' goals, and therefore we can and should raise the cost to this large category of attackers.


c. The chance that this helps detect a real attack is very low. (Alternatively: few users won't know how to use the fingerprint output appropriately.)

So long as a small subset verifies the fingerprints, it raises the chance of detecting a real attack. In fact, if only *two* users happen to check with each other to notice a change in signing keys, that's sufficient even if tens of thousands of users use the same installation flow.

Furthermore, users who don't understand how to use this information may still inadvertently raise the chance of detecting an attack because they may paste logs, console snippets, reportbug outputs, etc... that inadvertently log this information into the public sphere.


d. Users can already do this kind of check as you described above by running gpg directly.

Each time we reduce the number of steps or the complexity of looking at, sharing, or evaluating the necessary information to detect an attack, we raise the probability that the user population as a whole will detect an attack. This is a modest step to streamline that process and raise the cost of this avenue of attack.


-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "false";
APT::Install-Suggests "false";
APT::Sandbox "";
APT::Sandbox::User "_apt";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-image-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-headers-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-headers-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.8\.12\+$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.8\.12\+$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-4\.8\.12\+$";
APT::NeverAutoRemove:: "^gnumach-image-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^.*-modules-4\.8\.12\+$";
APT::NeverAutoRemove:: "^.*-modules-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-4\.8\.12\+$";
APT::NeverAutoRemove:: "^.*-kernel-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.9\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-tools-4\.8\.12\+$";
APT::NeverAutoRemove:: "^linux-tools-4\.9\.0-2-amd64$";
APT::VersionedKernelPackages "";
APT::VersionedKernelPackages:: "linux-image";
APT::VersionedKernelPackages:: "linux-headers";
APT::VersionedKernelPackages:: "linux-image-extra";
APT::VersionedKernelPackages:: "linux-signed-image";
APT::VersionedKernelPackages:: "kfreebsd-image";
APT::VersionedKernelPackages:: "kfreebsd-headers";
APT::VersionedKernelPackages:: "gnumach-image";
APT::VersionedKernelPackages:: ".*-modules";
APT::VersionedKernelPackages:: ".*-kernel";
APT::VersionedKernelPackages:: "linux-backports-modules-.*";
APT::VersionedKernelPackages:: "linux-tools";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "contrib/metapackages";
APT::Never-MarkAuto-Sections:: "non-free/metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Move-Autobit-Sections "";
APT::Move-Autobit-Sections:: "oldlibs";
APT::Move-Autobit-Sections:: "contrib/oldlibs";
APT::Move-Autobit-Sections:: "non-free/oldlibs";
APT::Move-Autobit-Sections:: "restricted/oldlibs";
APT::Move-Autobit-Sections:: "universe/oldlibs";
APT::Move-Autobit-Sections:: "multiverse/oldlibs";
APT::Architectures "";
APT::Architectures:: "amd64";
APT::Compressor "";
APT::Compressor::. "";
APT::Compressor::.::Name ".";
APT::Compressor::.::Extension "";
APT::Compressor::.::Binary "";
APT::Compressor::.::Cost "0";
APT::Compressor::lz4 "";
APT::Compressor::lz4::Name "lz4";
APT::Compressor::lz4::Extension ".lz4";
APT::Compressor::lz4::Binary "false";
APT::Compressor::lz4::Cost "50";
APT::Compressor::gzip "";
APT::Compressor::gzip::Name "gzip";
APT::Compressor::gzip::Extension ".gz";
APT::Compressor::gzip::Binary "gzip";
APT::Compressor::gzip::Cost "100";
APT::Compressor::gzip::CompressArg "";
APT::Compressor::gzip::CompressArg:: "-6n";
APT::Compressor::gzip::UncompressArg "";
APT::Compressor::gzip::UncompressArg:: "-d";
APT::Compressor::xz "";
APT::Compressor::xz::Name "xz";
APT::Compressor::xz::Extension ".xz";
APT::Compressor::xz::Binary "xz";
APT::Compressor::xz::Cost "200";
APT::Compressor::xz::CompressArg "";
APT::Compressor::xz::CompressArg:: "-6";
APT::Compressor::xz::UncompressArg "";
APT::Compressor::xz::UncompressArg:: "-d";
APT::Compressor::bzip2 "";
APT::Compressor::bzip2::Name "bzip2";
APT::Compressor::bzip2::Extension ".bz2";
APT::Compressor::bzip2::Binary "bzip2";
APT::Compressor::bzip2::Cost "300";
APT::Compressor::bzip2::CompressArg "";
APT::Compressor::bzip2::CompressArg:: "-6";
APT::Compressor::bzip2::UncompressArg "";
APT::Compressor::bzip2::UncompressArg:: "-d";
APT::Compressor::lzma "";
APT::Compressor::lzma::Name "lzma";
APT::Compressor::lzma::Extension ".lzma";
APT::Compressor::lzma::Binary "xz";
APT::Compressor::lzma::Cost "400";
APT::Compressor::lzma::CompressArg "";
APT::Compressor::lzma::CompressArg:: "--format=lzma";
APT::Compressor::lzma::CompressArg:: "-6";
APT::Compressor::lzma::UncompressArg "";
APT::Compressor::lzma::UncompressArg:: "--format=lzma";
APT::Compressor::lzma::UncompressArg:: "-d";
Dir "/";
Dir::State "var/lib/apt";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Etc::apt-file-main "apt-file.conf";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::solvers "";
Dir::Bin::solvers:: "/usr/lib/apt/solvers";
Dir::Bin::planners "";
Dir::Bin::planners:: "/usr/lib/apt/planners";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Bin::gzip "/bin/gzip";
Dir::Bin::bzip2 "/bin/bzip2";
Dir::Bin::xz "/usr/bin/xz";
Dir::Bin::lz4 "/usr/bin/lz4";
Dir::Bin::lzma "/usr/bin/xz";
Dir::Media "";
Dir::Media::MountPath "/media/cdrom";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Log::Planner "eipp.log.xz";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.save$";
Dir::Ignore-Files-Silently:: "\.orig$";
Dir::Ignore-Files-Silently:: "\.distUpgrade$";
Acquire "";
Acquire::AllowInsecureRepositories "0";
Acquire::AllowWeakRepositories "0";
Acquire::AllowDowngradeToInsecureRepositories "0";
Acquire::cdrom "";
Acquire::cdrom::mount "/media/cdrom";
Acquire::IndexTargets "";
Acquire::IndexTargets::deb "";
Acquire::IndexTargets::deb::Packages "";
Acquire::IndexTargets::deb::Packages::MetaKey "$(COMPONENT)/binary-$(ARCHITECTURE)/Packages";
Acquire::IndexTargets::deb::Packages::flatMetaKey "Packages";
Acquire::IndexTargets::deb::Packages::ShortDescription "Packages";
Acquire::IndexTargets::deb::Packages::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Packages";
Acquire::IndexTargets::deb::Packages::flatDescription "$(RELEASE) Packages";
Acquire::IndexTargets::deb::Packages::Optional "0";
Acquire::IndexTargets::deb::Translations "";
Acquire::IndexTargets::deb::Translations::MetaKey "$(COMPONENT)/i18n/Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::flatMetaKey "$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::ShortDescription "Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::Description "$(RELEASE)/$(COMPONENT) Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::flatDescription "$(RELEASE) Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Contents-deb "";
Acquire::IndexTargets::deb::Contents-deb::MetaKey "$(COMPONENT)/Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::ShortDescription "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Contents (deb)";
Acquire::IndexTargets::deb::Contents-deb::flatMetaKey "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::flatDescription "$(RELEASE) Contents (deb)";
Acquire::IndexTargets::deb::Contents-deb::PDiffs "true";
Acquire::IndexTargets::deb::Contents-deb::KeepCompressed "true";
Acquire::IndexTargets::deb::Contents-udeb "";
Acquire::IndexTargets::deb::Contents-udeb::MetaKey "$(COMPONENT)/Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::ShortDescription "Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Contents (udeb)";
Acquire::IndexTargets::deb::Contents-udeb::flatMetaKey "Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::flatDescription "$(RELEASE) Contents (udeb)";
Acquire::IndexTargets::deb::Contents-udeb::KeepCompressed "true";
Acquire::IndexTargets::deb::Contents-udeb::PDiffs "true";
Acquire::IndexTargets::deb::Contents-udeb::DefaultEnabled "false";
Acquire::IndexTargets::deb-src "";
Acquire::IndexTargets::deb-src::Sources "";
Acquire::IndexTargets::deb-src::Sources::MetaKey "$(COMPONENT)/source/Sources";
Acquire::IndexTargets::deb-src::Sources::flatMetaKey "Sources";
Acquire::IndexTargets::deb-src::Sources::ShortDescription "Sources";
Acquire::IndexTargets::deb-src::Sources::Description "$(RELEASE)/$(COMPONENT) Sources";
Acquire::IndexTargets::deb-src::Sources::flatDescription "$(RELEASE) Sources";
Acquire::IndexTargets::deb-src::Sources::Optional "0";
Acquire::IndexTargets::deb-src::Contents-dsc "";
Acquire::IndexTargets::deb-src::Contents-dsc::MetaKey "$(COMPONENT)/Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::ShortDescription "Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::Description "$(RELEASE)/$(COMPONENT) source Contents (dsc)";
Acquire::IndexTargets::deb-src::Contents-dsc::flatMetaKey "Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::flatDescription "$(RELEASE) Contents (dsc)";
Acquire::IndexTargets::deb-src::Contents-dsc::PDiffs "true";
Acquire::IndexTargets::deb-src::Contents-dsc::KeepCompressed "true";
Acquire::IndexTargets::deb-src::Contents-dsc::DefaultEnabled "false";
Acquire::Changelogs "";
Acquire::Changelogs::URI "";
Acquire::Changelogs::URI::Origin "";
Acquire::Changelogs::URI::Origin::Debian "http://metadata.ftp-master.debian.org/changelogs/@CHANGEPATH@_changelog";
Acquire::Changelogs::URI::Origin::Tanglu "http://metadata.tanglu.org/changelogs/@CHANGEPATH@_changelog";
Acquire::Changelogs::URI::Origin::Ubuntu "http://changelogs.ubuntu.com/changelogs/pool/@CHANGEPATH@/changelog";
Acquire::Changelogs::URI::Origin::Ultimedia "http://packages.ultimediaos.com/changelogs/pool/@CHANGEPATH@/changelog.txt";
Acquire::Changelogs::AlwaysOnline "";
Acquire::Changelogs::AlwaysOnline::Origin "";
Acquire::Changelogs::AlwaysOnline::Origin::Ubuntu "1";
Acquire::Languages "";
Acquire::Languages:: "en";
Acquire::Languages:: "none";
Acquire::CompressionTypes "";
Acquire::CompressionTypes::xz "xz";
Acquire::CompressionTypes::bz2 "bzip2";
Acquire::CompressionTypes::lzma "lzma";
Acquire::CompressionTypes::gz "gzip";
Acquire::CompressionTypes::lz4 "lz4";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
Binary "apt-config";
Binary::apt "";
Binary::apt::APT "";
Binary::apt::APT::Color "1";
Binary::apt::APT::Cache "";
Binary::apt::APT::Cache::Show "";
Binary::apt::APT::Cache::Show::Version "2";
Binary::apt::APT::Cache::AllVersions "0";
Binary::apt::APT::Cache::ShowVirtuals "1";
Binary::apt::APT::Cache::Search "";
Binary::apt::APT::Cache::Search::Version "2";
Binary::apt::APT::Cache::ShowDependencyType "1";
Binary::apt::APT::Cache::ShowVersion "1";
Binary::apt::APT::Get "";
Binary::apt::APT::Get::Upgrade-Allow-New "1";
Binary::apt::APT::Cmd "";
Binary::apt::APT::Cmd::Show-Update-Stats "1";
Binary::apt::APT::Keep-Downloaded-Packages "0";
Binary::apt::DPkg "";
Binary::apt::DPkg::Progress-Fancy "1";
Binary::apt-get "";
Binary::apt-get::Acquire "";
Binary::apt-get::Acquire::AllowInsecureRepositories "1";
CommandLine "";
CommandLine::AsString "apt-config dump";

-- (no /etc/apt/preferences present) --


-- (no /etc/apt/preferences.d/* present) --


-- /etc/apt/sources.list --

# 

# deb cdrom:[Debian GNU/Linux stretch-DI-alpha7 _Stretch_ - Official Snapshot amd64 NETINST Binary-1 20160630-14:29]/ stretch contrib main non-free

#deb cdrom:[Debian GNU/Linux stretch-DI-alpha7 _Stretch_ - Official Snapshot amd64 NETINST Binary-1 20160630-14:29]/ stretch contrib main non-free

deb http://ftp.us.debian.org/debian/ stretch main non-free contrib
deb-src http://ftp.us.debian.org/debian/ stretch main non-free contrib

deb http://security.debian.org/debian-security stretch/updates main contrib non-free
deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free

-- System Information:
Debian Release: stretch/sid
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt depends on:
ii  adduser                 3.115
ii  debian-archive-keyring  2014.3
ii  gpgv                    1.4.20-6
ii  init-system-helpers     1.44
ii  libapt-pkg5.0           1.3~rc4
ii  libc6                   2.24-10
ii  libgcc1                 1:6.3.0-12
ii  libstdc++6              6.3.0-12

Versions of packages apt recommends:
ii  gnupg  2.1.18-8~deb9u1

Versions of packages apt suggests:
pn  apt-doc                      <none>
pn  aptitude | synaptic | wajig  <none>
ii  dpkg-dev                     1.18.10
pn  powermgmt-base               <none>
pn  python-apt                   <none>

-- no debconf information




Message #10 received at [email protected]:

From: Julian Andres Klode <[email protected]>
To: Nathan Wilcox <[email protected]>, [email protected]
Subject: Re: Bug#890841: apt-key add does not report key fingerprint or key metadata.
Date: Mon, 19 Feb 2018 22:07:48 +0100
Control: severity -1 wishlist

On Mon, Feb 19, 2018 at 12:29:46PM -0800, Nathan Wilcox wrote:
> Package: apt
> Version: 1.4.8
> Severity: important
> Tags: security
> 
> I. Requested Change:
> 
> Alter apt-key add to print out the full GPG fingerprint(s) and 
> metadata for each key imported.
> 
> 
> II. Motivation:
> 
> This improves the chance that a critical mass of users would notice a 
> compromise of commonly used apt package signing keys in the off chance 
> that they include this fingerprint output in bug reports, logs, or 
> active verification between peers.

apt-key add has been deprecated for over a year now. I don't think a critical
mass of users cares about that. It's also the wrong approach: Piping
untrusted data to a root process and then checking that the root thing
did its work correctly makes no sense from a security perspective.

> 
> 
> III. Background:
> 
> I frequently encounter installation advice that follows a basic formula:
> 
> 1. fetch package signing keys via curl via https, pipe them to apt-key add.
> 2. add a source to sources.list.
> 3. apt update && apt install $PACKAGE

We deprecated that approach a while ago and it might fail on systems that
do not have gnupg installed, so upstreams really should not use it.

I very much prefer the Chrome approach of sticking a key and a sources.list
into a package and providing that package over https for initial installation.

Other ideas are welcome.

> 
> For example, here is the literal install advice for Signal Desktop from 
> https://signal.org/download/ as of 2018-02-19:
> 
> > curl -s https://updates.signal.org/desktop/apt/keys.asc | sudo apt-key add -
> > echo "deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main" | sudo tee -a /etc/apt/sources.list.d/signal-xenial.list
> > sudo apt update && sudo apt install signal-desktop
> 
> When following this advice users are relying on curl's authentication 
> via HTTPS for permanently modifying their local machine's package 
> authentication trust profile. When I run the first step, all that 
> `apt-key add -` outputs is "OK".

That's somewhat awful.

> 
> I just now wanted to ask several peers who I know would be capable of 
> looking up the fingerprint of the key I just fetched. This is possible 
> by running:
> 
> $ gpg --keyring /etc/apt/trusted.gpg --list-keys --fingerprint
> 
> and then figuring out which key is relevant.
> 
> With the requested change, I would be saved one step making it more 
> likely more users will do this in practice.

I think we should definitely do that.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en
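Added example, not code from the bug report, from apt or from GnuPG: a Python script that does by hand what the report above asks `apt-key add` to print (fingerprint, key ID, algorithm, size, creation date and user IDs of every key in an armored block), and, following Julian's point that the check belongs before anything is piped into a root process, a `check_pinned()` helper that compares the primary key's fingerprint against a value obtained from a second channel. Fingerprints are computed as RFC 4880 section 12.2 specifies (SHA-1 over 0x99, the two-octet packet length and the key packet body; the same rule applies to subkeys). The key block is constructed inside `build_sample_key()` with a bogus RSA modulus and a hypothetical user ID so the script runs offline; it is not a real signing key. On a real system you would run `describe()` on the file curl fetched, written to a temporary path, before it goes anywhere near `/etc/apt/trusted.gpg.d`.

```python
import base64, hashlib, hmac, struct, time

PUBKEY, USERID, SUBKEY = 6, 13, 14                    # packet tags, RFC 4880 section 4.3
ALGOS = {1: "RSA", 16: "ElGamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}
BEGIN, END = "-----BEGIN PGP PUBLIC KEY BLOCK-----", "-----END PGP PUBLIC KEY BLOCK-----"

def crc24(data):                                      # armor checksum, RFC 4880 section 6.1
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def dearmor(text):
    """Strip armor lines and headers, base64-decode, verify the CRC-24 trailer."""
    lines = text.splitlines()
    body = [l.strip() for l in lines[lines.index(BEGIN) + 1:lines.index(END)]]
    if "" in body:                                    # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    body = [l for l in body if l]
    crc_line = body.pop() if body[-1].startswith("=") else None
    data = base64.b64decode("".join(body))
    if crc_line and crc24(data) != int.from_bytes(base64.b64decode(crc_line[1:]), "big"):
        raise ValueError("armor CRC mismatch: key block corrupt or tampered")
    return data

def iter_packets(data):
    """Yield (tag, body) for old- and new-format headers; partial body lengths unsupported."""
    pos = 0
    while pos < len(data):
        first = data[pos]
        if not first & 0x80: raise ValueError("not an OpenPGP packet at offset %d" % pos)
        if first & 0x40:                              # new-format header
            tag, b0 = first & 0x3F, data[pos + 1]
            if b0 < 192:
                length, hdr = b0, 2
            elif b0 < 224:
                length, hdr = ((b0 - 192) << 8) + data[pos + 2] + 192, 3
            elif b0 == 255:
                length, hdr = int.from_bytes(data[pos + 2:pos + 6], "big"), 6
            else:
                raise ValueError("partial body lengths are not supported")
        else:                                         # old-format header (the usual one for key packets)
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            if ltype == 3:
                raise ValueError("indeterminate packet length is not supported")
            hdr = (2, 3, 5)[ltype]
            length = int.from_bytes(data[pos + 1:pos + hdr], "big")
        body = data[pos + hdr:pos + hdr + length]
        if len(body) != length: raise ValueError("truncated packet")
        yield tag, body
        pos += hdr + length

def v4_fingerprint(body):
    """SHA-1 of 0x99 || 2-octet length || key packet body (RFC 4880 section 12.2)."""
    if body[0] != 4:
        raise ValueError("only v4 keys are supported")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def describe(armored):
    """One dict per key packet: the metadata a user could paste into a bug report."""
    entries = []
    for tag, body in iter_packets(dearmor(armored)):
        if tag in (PUBKEY, SUBKEY):
            algo, fpr = body[5], v4_fingerprint(body)
            entries.append({"kind": "pub" if tag == PUBKEY else "sub",
                            "algo": ALGOS.get(algo, "algo%d" % algo),
                            "bits": struct.unpack(">H", body[6:8])[0] if algo in (1, 16, 17) else None,
                            "created": time.strftime("%Y-%m-%d", time.gmtime(int.from_bytes(body[1:5], "big"))),
                            "fpr": fpr, "keyid": fpr[-16:], "uids": []})
        elif tag == USERID and entries:
            entries[-1]["uids"].append(body.decode("utf-8", "replace"))
    return entries                                    # signature/trust packets never enter a fingerprint

def check_pinned(armored, expected_fpr):
    """True only if the block has exactly one primary key and it matches the pinned fingerprint."""
    pub = [e["fpr"] for e in describe(armored) if e["kind"] == "pub"]
    return len(pub) == 1 and hmac.compare_digest(pub[0], expected_fpr.replace(" ", "").upper())

def _mpi(value):                                      # multi-precision integer, RFC 4880 section 3.2
    return struct.pack(">H", value.bit_length()) + value.to_bytes((value.bit_length() + 7) // 8, "big")
def _packet(tag, body):                               # new-format header, one-octet length
    assert len(body) < 192
    return bytes([0xC0 | tag, len(body)]) + body

def build_sample_key(created=1519041600, modulus=(1 << 1023) + 12345):
    """CONSTRUCTED sample: RSA primary + user ID + RSA subkey with a bogus modulus; not a real key."""
    key = lambda n: bytes([4]) + struct.pack(">I", created) + bytes([1]) + _mpi(n) + _mpi(65537)
    data = (_packet(PUBKEY, key(modulus))
            + _packet(USERID, b"Example Signing Key (constructed) <[email protected]>")
            + _packet(SUBKEY, key(modulus + 2)))
    b64 = base64.b64encode(data).decode()
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join([BEGIN, ""] + [b64[i:i + 64] for i in range(0, len(b64), 64)] + ["=" + crc, END, ""])

if __name__ == "__main__":                            # gpg-style listing of the sample block
    for e in describe(build_sample_key()):
        print("%-3s %s%s %s %s %s" % (e["kind"], e["algo"].lower(), e["bits"] or "", e["created"], e["fpr"], "; ".join(e["uids"])))
```

The parser deliberately skips signature packets: they carry the web-of-trust and expiry information but do not enter the fingerprint, so a block whose primary key fingerprint matches the pinned value is the same key regardless of which certifications were attached. `dearmor()` rejects a block whose CRC-24 trailer does not match, which catches corrupted downloads but is not a security control; the comparison in `check_pinned()` against a fingerprint learned out of band is.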



Severity set to 'wishlist' from 'important'. Request was from Julian Andres Klode <[email protected]> to [email protected]. (Mon, 19 Feb 2018 21:09:08 GMT)



Debian bug tracking system administrator <[email protected]>. Last modified: Sun Sep 22 07:49:59 2024; Machine Name: buxtehude
