From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3FC701382C5 for ; Thu, 25 Jan 2018 22:21:13 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F16E0E0938; Thu, 25 Jan 2018 22:21:07 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 9D63FE0826 for ; Thu, 25 Jan 2018 22:21:07 +0000 (UTC) Received: from grubbs.orbis-terrarum.net (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 4C9AE335C30 for ; Thu, 25 Jan 2018 22:21:06 +0000 (UTC) Received: (qmail 21996 invoked by uid 10000); 25 Jan 2018 22:21:04 -0000 Date: Thu, 25 Jan 2018 22:21:04 +0000 From: "Robin H. Johnson" To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] [News item review] Portage rsync tree verification (v2) Message-ID: References: <1516874667.1833.4.camel@gentoo.org> <1516883717.1833.10.camel@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="K5roPakIqCb4O6y8" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.8.2 (2017-04-18) X-Archives-Salt: 6a3f8360-bb29-4a8a-896d-5c396e66e70d X-Archives-Hash: ec6b9ed49fd474683121b0800484b760 --K5roPakIqCb4O6y8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 25, 2018 at 11:55:58PM +0200, Alon Bar-Lev wrote: > I did not looked into the detailed implementation, however, please > make sure integrity check handles the same cases we have applied to > emerge-webrsync in the past, including: Gemato is the implementation of GLEP74/MetaManifest, which DOES explicitly address both of these concerns. > 1. Fast forward only in time, this is required to avoid hacker to > redirect into older portage to install vulnerabilities that were > approved at that time. Replay attacks per #1 are addressed via TIMESTAMP field in MetaManifest. > 2. Content integrity, especially removal, as far as I understand, the > mechanism will not enable to detect authorized removal of content. I think you meant 'unauthorized' rather than 'authorized' here. It will detect files that are expected to exist but are missing. --=20 Robin Hugh Johnson Gentoo Linux: Dev, Infra Lead, Foundation Treasurer E-Mail : robbat2@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 --K5roPakIqCb4O6y8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Robbat2 @ Orbis-Terrarum Networks - The text below is a digital signature. If it doesn't make any sense to you, ignore it. iQKTBAEBCgB9FiEEveu2pS8Vb98xaNkRGTlfI8WIJsQFAlpqWE9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEJE RUJCNkE1MkYxNTZGREYzMTY4RDkxMTE5Mzk1RjIzQzU4ODI2QzQACgkQGTlfI8WI JsThTw/+MYia4pKmjKOuYSUN3Q6jgV2aFISM9Ycn29fKsSxrE+2ErtMlaFqsK6YJ 77NR0XZrkqkBm8gT6cGzk/hN2ADZsKE8vPTbv5Ipl7mCzI++5oxkgL75fxLOxJIa 5j6ssTA3tkN00gBjnCtKLQb1hhy4rh4dtmtXjHVkOHzAdmMFts2Xebpa9JrfzGr6 /4lREoyp6xBO97FsZr3n0GfKdhZ93WiDayviuKU/OpfDYvNU/22dV91uecQMc902 4TnH89AqBuTjTTJEVmrM2LCDn1GTr+hVJFJvL1Fj2eBEGyAftfHv9uaKbapfNrfo Pw2nFaBh4Q6PQu+H5sU0/X2RwI3Liib1Q856njZUPiS1BiotvxPmJWgSHA+ji9H5 biZ6msHl3GDqV2bOcqM3g6SlPnEQs3TmmYOteVae23A0UXdRj7pPZygyclocpqKb UMbzB992zZGiyfeF8grHDu8Fs400/IYv0iZB+YlJR+Yu5BZOjobgeol3mQ+lKgOA Zk1xjiUxomEOk6oU8Z4MW8l5jqsr+rodm2+Wo879pB2HFkMb1N0fjnmnKJzmGG9m VgpqOG4YPYAhNGNFrH+wTPUt4AH4y3/rx1ZPArY/3urR6qXYX/J/3M3ti1crZWOe IzeyFVT1bVrriiR0uX+S15mFmQ7GumcSmIZaMRdXwBN5MaeiQVw= =XAwn -----END PGP SIGNATURE----- --K5roPakIqCb4O6y8--