From: Kurt Lieber <klieber@gentoo.org>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] Re: Trojan for Gentoo, part 2
Date: Sun, 7 Nov 2004 15:49:22 +0000 [thread overview]
Message-ID: <20041107154922.GH10927@mail.lieber.org> (raw)
In-Reply-To: <87d5ypu0in.fsf@peti.cryp.to>
[-- Attachment #1: Type: text/plain, Size: 1237 bytes --]
On Sun, Nov 07, 2004 at 04:44:32PM +0100 or thereabouts, Peter Simons wrote:
> I think it is important to stress that everybody is on the
> same side here. The important thing right now is how to
> _fix_ this problem. As I see it, the simplest possible
> solution is this:
>
> (1) Run "find /usr/portage -type f | xargs sha1sum -b" on
> the Gentoo main system.
>
> (2) Sign the output with GPG.
>
> (3) Put it into the portage tree.
>
> (4) If the user has GPG installed and has manually put the
> appropriate public key in some place _outside_ of the
> portage tree, have "emerge sync" verify that the
> signature is intact and all hashes hold.
>
> Done.
People place way to much reliance on GPG and other public/private key
systems...
Let's assume we implement the above steps. What does that buy you? How do
you know how many people have a copy of the private key used to sign that
data? How do you know what sort of passphrase is used on it? (or if it
even has a passphrase) How do you know the box that holds the private key
is secure?
Most importantly, how do you know when to stop? At some point, you're
going to have to accept some level of risk.
--kurt
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2004-11-07 15:49 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-06 20:16 [gentoo-security] Trojan for Gentoo, part 2 Alexander Holler
2004-11-07 0:31 ` [gentoo-security] " Chris Frey
2004-11-07 13:10 ` [gentoo-security] help blocking automated ssh scanning attack script Brian G. Peterson
2004-11-07 13:16 ` Gary Nichols
2004-11-07 13:31 ` Brian G. Peterson
2004-11-07 13:37 ` Rui Covelo
2004-11-07 13:50 ` aScii
2004-11-08 4:44 ` Kim Nielsen
2004-11-07 14:50 ` [gentoo-security] Re: Trojan for Gentoo, part 2 Jason Rojas
2004-11-07 17:01 ` Carsten Lohrke
2004-11-07 15:23 ` Kurt Lieber
2004-11-07 15:44 ` Peter Simons
2004-11-07 15:49 ` Kurt Lieber [this message]
2004-11-07 16:01 ` Jan Groenewald
2004-11-07 16:07 ` Peter Simons
2004-11-07 16:52 ` Dan Margolis
2004-11-07 17:43 ` Andreas Waschbuesch
2004-11-07 17:52 ` Dan Margolis
2004-11-07 19:08 ` Chocron J.
2004-11-07 19:11 ` Andreas Waschbuesch
2004-11-08 2:41 ` [gentoo-security] How to authenticate the portage tree Peter Simons
2004-11-08 9:37 ` [gentoo-security] Gentoo Portage Attack Tree Ervin Németh
2004-11-08 10:11 ` Kurt Lieber
2004-11-08 12:15 ` [gentoo-security] " Peter Simons
2004-11-12 7:00 ` Ed Grimm
2004-11-08 20:05 ` [gentoo-security] How to authenticate the portage tree Marius Mauch
2004-11-07 13:14 ` [gentoo-security] Is anybody else worried about this? (was: Trojan for Gentoo, part 2) Peter Simons
2004-11-07 15:40 ` [gentoo-security] Is anybody else worried about this? Marc Ballarin
2004-11-07 15:15 ` Tobias Klausmann
2004-11-07 15:20 ` Alex
2004-11-07 15:28 ` [gentoo-security] " Peter Simons
2004-11-07 15:45 ` Rui Covelo
2004-11-07 16:44 ` [gentoo-security] " Chris Frey
2004-11-07 17:04 ` Rui Covelo
2004-11-07 17:11 ` [gentoo-security] " Chris Frey
2004-11-07 17:56 ` [gentoo-security] " Peter Simons
2004-11-07 18:00 ` Marc Ballarin
2004-11-07 17:26 ` Barry.Schwartz
2004-11-07 16:31 ` Chris Frey
2004-11-07 17:07 ` [gentoo-security] " Dan Margolis
[not found] ` <418E5425.6070400@seas.upenn.edu>
2004-11-07 18:34 ` Marc Ballarin
2004-11-07 17:57 ` Dan Margolis
2004-11-07 19:36 ` Marc Ballarin
2004-11-07 18:51 ` [gentoo-security] " Peter Simons
2004-11-08 20:12 ` Marius Mauch
2004-11-07 15:40 ` [gentoo-security] Is anybody else worried about this? (was: Trojan for Gentoo, part 2) Kurt Lieber
2004-11-07 17:01 ` [gentoo-security] " Chris Frey
2004-11-07 18:35 ` Dan Noe
2004-11-07 19:04 ` Marc Ballarin
2004-11-07 18:25 ` Peter Simons
2004-11-07 23:26 ` Kurt Lieber
2004-11-07 23:52 ` [gentoo-security] No, apparently not. (was: Is anybody else worried about this?) Peter Simons
2004-11-08 0:17 ` Kurt Lieber
2004-11-08 1:05 ` [gentoo-security] " Peter Simons
2004-11-08 1:08 ` Anthony Gorecki
2004-11-08 1:18 ` Peter Simons
2004-11-08 16:11 ` Jake Hawkes
2004-11-08 1:31 ` Kurt Lieber
2004-11-08 1:35 ` Peter Simons
2004-11-08 9:19 ` Tobias Klausmann
2004-11-08 10:19 ` Kurt Lieber
2004-11-08 11:53 ` Tobias Klausmann
2004-11-08 12:17 ` Anthony Metcalf
2004-11-08 10:30 ` [gentoo-security] Re: No, apparently not Thierry Carrez
2004-11-08 12:01 ` Peter Simons
2004-11-08 10:36 ` [gentoo-security] Keys on a cd? Anthony Metcalf
2004-11-08 13:30 ` Kurt Lieber
2004-11-08 2:17 ` [gentoo-security] No, apparently not Brian Bilbrey
2004-11-08 2:33 ` [gentoo-security] " Peter Simons
2004-11-08 2:49 ` [gentoo-security] " Ed Grimm
2004-11-08 2:51 ` [gentoo-security] " Peter Simons
2004-11-08 3:01 ` Ed Grimm
2004-11-08 3:08 ` Peter Simons
2004-11-08 1:03 ` [gentoo-security] Re: Re: Is anybody else worried about this? (was: Trojan for Gentoo, part 2) Chris Frey
2004-11-08 1:19 ` Kurt Lieber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20041107154922.GH10927@mail.lieber.org \
--to=klieber@gentoo.org \
--cc=gentoo-security@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox