From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25166 invoked from network); 10 Nov 2004 13:31:51 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 10 Nov 2004 13:31:51 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.41) id 1CRsZj-0001Nv-5j for arch-gentoo-security@lists.gentoo.org; Wed, 10 Nov 2004 13:31:51 +0000 Received: (qmail 6461 invoked by uid 89); 10 Nov 2004 13:31:29 +0000 Mailing-List: contact gentoo-security-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-security@gentoo.org Received: (qmail 13692 invoked from network); 10 Nov 2004 13:31:29 +0000 Date: Wed, 10 Nov 2004 13:31:21 +0000 From: Anthony Metcalf To: gentoo-security@lists.gentoo.org Message-Id: <20041110133121.00007f3c@Halloween> In-Reply-To: <1100093186.10299.27.camel@cobra> References: <20041110020620.F1ADE2B3DB@smtp.istop.com> <20041109233509.A19723@netdirect.ca> <200411101400.39645.jstubbs@work-at.co.jp> <1100091284.10299.19.camel@cobra> <20041110125531.GA13071@aeon.user.lan.at> <1100093186.10299.27.camel@cobra> X-Mailer: Sylpheed version 0.9.10claws (GTK+ 1.3.0; Win32) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha1"; boundary="Signature=_Wed__10_Nov_2004_13_31_21_+0000_fVh5Y+4UWZ+0ZN_X" Subject: Re: [gentoo-security] Re: Out of air X-Archives-Salt: b479d334-471b-4826-8fd0-4a9f746eceba X-Archives-Hash: 84bd9405df3db03dda4fca5f8bc300bb --Signature=_Wed__10_Nov_2004_13_31_21_+0000_fVh5Y+4UWZ+0ZN_X Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 7bit On Wed, 10 Nov 2004 13:26:26 +0000 Antoine Martin wrote: > Sure, I agree with you. This is would not solve *all* problems. > > But it would solve the problem that this thread started on, which is to > trust all the hops between your box and the gentoo servers. Which is a > greater risk than a compromised gentoo server. The point, as many people have said, is that the "simple solution" is not as simple as it looks. The changes necessary to allow having up to date hashes of all the files, the file contining the hashes signed, and the checking of the file, and the hashes, *before* any remote info is run, would add significat develpoment time, prolonging the time for the *better* solution. Not to mention the processing would add a lot of overhead. Like to guess how long it would take to compile a list of hashes for the 100,000+ files in portage on my 450MHz server? Yes there is a problem, yes there is a fix, the fix is on it's way, be patient. --Signature=_Wed__10_Nov_2004_13_31_21_+0000_fVh5Y+4UWZ+0ZN_X Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFBkhgsOohvONSMAioRAlwaAKCi3DfTQhR2Kwkmed3jrWrOd+/t/ACgiK+e 70It108bz07udZPbb/Kj1yY= =5syG -----END PGP SIGNATURE----- --Signature=_Wed__10_Nov_2004_13_31_21_+0000_fVh5Y+4UWZ+0ZN_X--