How to inspect and validate a deb package before installation?
Use this:
dpkg-deb --info <deb file>
Prefer to use apt if you need them to be signed.
Normal deb files do not contain all data you need, except that you can get by dpkg-deb --info
or look into DEBIAN/control
file.
You can have dsc files with this data, if you download from launchpad or official repositories.
Deb files are not signed by default. General recommendation is not to install deb packages from sites you do not trust.
There are no special security instruments in Debian packages.
All you should need is
dpkg -I package.deb
Here is sample out put of a package named hostapd_2.1-0ubuntu1.2_amd64.deb
on my PC
~$ dpkg -I '/home/mark/hostapd_2.1-0ubuntu1.2_amd64.deb'
new debian package, version 2.0.
size 422472 bytes: control archive=2619 bytes.
66 bytes, 3 lines conffiles
1537 bytes, 31 lines control
1085 bytes, 15 lines md5sums
1375 bytes, 53 lines * postinst #!/bin/sh
359 bytes, 14 lines * postrm #!/bin/sh
570 bytes, 30 lines * preinst #!/bin/sh
204 bytes, 7 lines * prerm #!/bin/sh
Package: hostapd
Source: wpa (2.1-0ubuntu1.2)
Version: 1:2.1-0ubuntu1.2
Architecture: amd64
Maintainer: Ubuntu Developers <[email protected]>
Installed-Size: 1219
Depends: libc6 (>= 2.15), libnl-3-200 (>= 3.2.7), libnl-genl-3-200 (>= 3.2.7), libssl1.0.0 (>= 1.0.1), lsb-base (>= 3.2-13), initscripts (>= 2.88dsf-13.3)
Section: net
Priority: optional
Multi-Arch: foreign
Homepage: http://w1.fi/wpa_supplicant/
Description: user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
Originally, hostapd was an optional user space component for Host AP
driver. It adds more features to the basic IEEE 802.11 management
included in the kernel driver: using external RADIUS authentication
server for MAC address based access control, IEEE 802.1X Authenticator
and dynamic WEP keying, RADIUS accounting, WPA/WPA2 (IEEE 802.11i/RSN)
Authenticator and dynamic TKIP/CCMP keying.
.
The current version includes support for other drivers, an integrated
EAP authenticator (i.e., allow full authentication without requiring
an external RADIUS authentication server), and RADIUS authentication
server for EAP authentication.
.
hostapd works with the following drivers:
.
* mac80211 based drivers with support for master mode [linux]
* Host AP driver for Prism2/2.5/3 [linux]
* Driver interface for FreeBSD net80211 layer [kfreebsd]
* Any wired Ethernet driver for wired IEEE 802.1X authentication.
Original-Maintainer: Debian/Ubuntu wpasupplicant Maintainers <[email protected]>
And another at random called pulseaudio_6.0-90-g75dd2-1_amd64.deb
~$ dpkg -I '/home/mark/pulseaudio/pulseaudio_6.0-90-g75dd2-1_amd64.deb'
new debian package, version 2.0.
size 1421422 bytes: control archive=314 bytes.
0 bytes, 0 lines conffiles
222 bytes, 9 lines control
Package: pulseaudio
Priority: extra
Section: checkinstall
Installed-Size: 8144
Maintainer: root@Ubuntu
Architecture: amd64
Version: 6.0-90-g75dd2-1
Provides: pulseaudio
Description: Package created with checkinstall 1.6.2