From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Fop5m-0006PG-D5 for garchives@archives.gentoo.org; Fri, 09 Jun 2006 22:04:34 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k59M1jtB014876; Fri, 9 Jun 2006 22:01:45 GMT Received: from fuse.inversepath.com (fuse.inversepath.com [69.60.119.224]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k59LjtfB004142 for ; Fri, 9 Jun 2006 21:45:56 GMT Received: from fuse.inversepath.com (localhost [127.0.0.1]) by fuse.inversepath.com (8.13.6/8.13.6) with ESMTP id k59LjtjE030933 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 9 Jun 2006 21:45:55 GMT Received: (from lcars@localhost) by fuse.inversepath.com (8.13.6/8.13.6/Submit) id k59LjtwE021146 for gentoo-dev@lists.gentoo.org; Fri, 9 Jun 2006 21:45:55 GMT Date: Fri, 9 Jun 2006 21:45:55 +0000 From: Andrea Barisani To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Project Sunrise thread -- a try of clarification Message-ID: <20060609214555.GD25418@fuse.inversepath.com> Mail-Followup-To: gentoo-dev@lists.gentoo.org References: <44887368.9030302@gentoo.org> <1149803837.19443.101.camel@cgianelloni.nuvox.net> <4488A4F3.5060908@gentoo.org> <1149811589.19102.23.camel@vertigo.twi-31o2.org> <1149841698.9743.20.camel@localhost> <1149870017.22473.22.camel@cgianelloni.nuvox.net> <1149874871.9743.77.camel@localhost> <1149884042.22473.150.camel@cgianelloni.nuvox.net> <1149886303.32544.7.camel@localhost> <1149888139.22473.181.camel@cgianelloni.nuvox.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1149888139.22473.181.camel@cgianelloni.nuvox.net> X-GPG-Key: 0x864C9B9E X-GPG-Fingerprint: 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E User-Agent: Mutt/1.5.11 X-Archives-Salt: 3095b04f-a4c5-461d-970b-603715f490a5 X-Archives-Hash: b038ef5b5a605b263f4026c5641b7fd7 On Fri, Jun 09, 2006 at 05:22:18PM -0400, Chris Gianelloni wrote: > On Fri, 2006-06-09 at 22:51 +0200, Patrick Lauer wrote: > > On Fri, 2006-06-09 at 16:14 -0400, Chris Gianelloni wrote: > > [snip] > > > > If someone wanted to exploit boxen he'd use a much simpler attack > > > > vector ... our rsync mirrors are wide open. No need to secure the little > > > > window over there when the front door is open ... > > > > > > Really? I'd like you to give me root on rsync.gentoo.org, then. What's > > > that? You can't? What a wonder! > > > > I don't need that ... > > Look, three-step plan to hacking Gentoo boxen: > > > > 1) open a few rsync mirrors and get them into the official rotation > > Umm... the rsync servers in rsync.gentoo.org are all controlled by infra > now. If you're using another rsync server (read, untrusted) then you > get what you deserve. ;] > Right. Besides all distro suffer this same problem, indeed shouting that our mirror system is a wide open door is far from being fair. This new project though could be a nice attack vector, in the FAQ you state that you don't allow eclasses, that's nice...but I can think thousand of other ways for compromises without them using ebuilds. Not pointing fingers here, just stating that if this is an "official" project (whatever that means)...or even if it's not, much caution is advised security-wise in who you trust and what you are going to put in the tree (and most important what the perception of your authority/reliability will be user-wise). Cheers -- Andrea Barisani .*. Gentoo Linux Infrastructure Developer V ( ) PGP-Key 0x864C9B9E http://dev.gentoo.org/~lcars/pubkey.asc ( ) 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E ^^_^^ "Pluralitas non est ponenda sine necessitate" -- gentoo-dev@gentoo.org mailing list