From: Alon Bar-Lev
Date: Thu, 25 Jan 2018 23:55:58 +0200
Subject: Re: [gentoo-dev] [News item review] Portage rsync tree verification (v2)
To: gentoo-dev@lists.gentoo.org
In-Reply-To: <1516883717.1833.10.camel@gentoo.org>
References: <1516874667.1833.4.camel@gentoo.org> <1516883717.1833.10.camel@gentoo.org>

Hi,

On 25 January 2018 at 14:35, Michał Górny wrote:
>
> Starting with sys-apps/portage-2.3.22, Portage enables cryptographic
> verification of the Gentoo rsync repository distributed over rsync
> by default. This aims to prevent malicious third parties from altering
> the contents of the ebuild repository received by our users.

I did not look into the detailed implementation; however, please make
sure the integrity check handles the same cases we have applied to
emerge-webrsync in the past, including:

1. Fast forward only in time. This is required to prevent a hacker from
   redirecting to an older portage to install vulnerabilities that were
   approved at that time.

2. Content integrity, especially removal. As far as I understand, the
   mechanism will not be able to detect authorized removal of content.

Regards,
Alon
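The two checks Alon lists above, shown as an added example that is not Portage's own code and not part of this thread: a toy tree verifier that (1) refuses a manifest whose timestamp is older than the last one accepted, so a mirror cannot roll the tree back, and (2) compares the received tree against the manifest's file list so that removed, unlisted or modified files are all reported rather than only modified ones. The manifest format (a `TIMESTAMP` line plus `DATA <path> <size> SHA256 <hex>` lines), the in-memory tree, and the `make_manifest` helper are constructed assumptions; the signature check on the manifest itself is left out, so the manifest is assumed to be already authenticated before these checks run.

```python
import hashlib
from datetime import datetime, timezone


class ManifestError(Exception):
    """Raised when the manifest itself cannot be parsed."""


def parse_manifest(text):
    """Parse the constructed manifest format into (timestamp, {path: (size, digest)})."""
    timestamp = None
    entries = {}
    for raw in text.splitlines():
        fields = raw.split()
        if not fields:
            continue
        if fields[0] == "TIMESTAMP":
            timestamp = datetime.strptime(fields[1], "%Y-%m-%dT%H:%M:%SZ").replace(
                tzinfo=timezone.utc)
        elif fields[0] == "DATA":
            # DATA <path> <size> SHA256 <hexdigest>  (assumed layout)
            path, size, algo, digest = fields[1], int(fields[2]), fields[3], fields[4]
            if algo != "SHA256":
                raise ManifestError("unsupported hash %s for %s" % (algo, path))
            entries[path] = (size, digest)
        else:
            raise ManifestError("unknown manifest line: %r" % raw)
    if timestamp is None:
        raise ManifestError("manifest carries no TIMESTAMP")
    return timestamp, entries


def verify_tree(manifest_text, tree, last_seen_ts):
    """Compare an (already authenticated) manifest against the tree received.

    tree is {path: bytes}, standing in for the files on disk after rsync.
    last_seen_ts is the timestamp of the last manifest we accepted, or None
    on first sync.  Returns a findings dict; an empty 'problems' list means
    the tree may be accepted.
    """
    ts, entries = parse_manifest(manifest_text)
    findings = {"timestamp": ts, "rollback": False,
                "removed": [], "unlisted": [], "modified": []}

    # Check 1: fast-forward only.  A manifest older than the one we already
    # accepted is a rollback, even if its signature would verify.
    if last_seen_ts is not None and ts < last_seen_ts:
        findings["rollback"] = True

    # Check 2: content integrity including removal.  Every path the manifest
    # lists must be present with the listed size and digest, and nothing the
    # manifest does not list may appear in the tree.
    for path, (size, digest) in entries.items():
        if path not in tree:
            findings["removed"].append(path)
            continue
        data = tree[path]
        if len(data) != size or hashlib.sha256(data).hexdigest() != digest:
            findings["modified"].append(path)
    findings["unlisted"] = sorted(p for p in tree if p not in entries)

    findings["problems"] = [k for k in ("rollback", "removed", "unlisted", "modified")
                            if findings[k]]
    return findings


def make_manifest(ts_str, tree):
    """Build a manifest for a tree (constructed helper standing in for the
    manifest a mirror would publish)."""
    lines = ["TIMESTAMP " + ts_str]
    for path in sorted(tree):
        data = tree[path]
        lines.append("DATA %s %d SHA256 %s" % (path, len(data),
                                               hashlib.sha256(data).hexdigest()))
    return "\n".join(lines) + "\n"


# Constructed sample tree and manifests.
GOOD_TREE = {
    "app-misc/foo/foo-1.0.ebuild": b"EAPI=7\n",
    "app-misc/foo/Manifest": b"EBUILD foo-1.0.ebuild 7 SHA256 00\n",
}
GOOD_MANIFEST = make_manifest("2018-01-25T21:00:00Z", GOOD_TREE)
OLD_MANIFEST = make_manifest("2018-01-01T00:00:00Z", GOOD_TREE)
LAST_SEEN = datetime(2018, 1, 20, tzinfo=timezone.utc)


def demo():
    """Run the three scenarios: clean sync, rolled-back manifest, removed file."""
    ok = verify_tree(GOOD_MANIFEST, GOOD_TREE, LAST_SEEN)
    rolled_back = verify_tree(OLD_MANIFEST, GOOD_TREE, LAST_SEEN)
    stripped = dict(GOOD_TREE)
    del stripped["app-misc/foo/foo-1.0.ebuild"]
    removed = verify_tree(GOOD_MANIFEST, stripped, LAST_SEEN)
    return ok, rolled_back, removed


if __name__ == "__main__":
    for label, f in zip(("good", "rollback", "removed"), demo()):
        print(label, f["problems"] or "accepted")
```

The removal case is the one a digest-per-file scheme alone misses: a file that is simply absent has no digest to mismatch, so the verifier has to walk the manifest's list and demand each entry's presence, and walk the tree to reject anything the manifest never listed. The rollback check needs persisted state (`last_seen_ts`), which a stateless per-sync signature check cannot provide.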