public inbox for gentoo-security@lists.gentoo.org
From: Rui Covelo <rpfc@mega.ist.utl.pt>
To: Peter Simons <simons@cryp.to>
Cc: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] Re: Is anybody else worried about this?
Date: Sun, 07 Nov 2004 15:45:21 +0000
Message-ID: <418E4311.6070105@mega.ist.utl.pt>
In-Reply-To: <87hdo1u1a3.fsf@peti.cryp.to>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1





Peter Simons wrote:
| This problem has nothing to do with trusted or untrusted
| code, it is about data integrity. Or, more accurately, about
| _lack_ thereof.

Security is always about trust. You have to trust someone or something.
Data, keys, servers, admins, protocols, passwords, algorithms, something...


|  > (1) the server has not been compromised
|
| How do I verify this? Is there a list of SHA1 hashes of all
| files /usr/portage is supposed to contain?

Where would you store that list? In a trusted server? Would you trust
the server admin of that server?


|  > (3) the server operator is trustworthy
|  > (4) the person that originally created the software is trustworthy
|  > (5) the server operators are sufficiently skilled to protect the software
|  > (6) the person that originally created the software is sufficiently skilled
|  >     to protect it
|
| None of these points are relevant for the problem we are
| talking about. If Gentoo provides proper means of
| authenticating the data I receive from the mirror, I don't
| _need_ to trust the mirror's operator.

You need to trust the operator of the authentication server...


|  > However, none of those issues is specific to Gentoo or
|  > Open Source as a whole.
|
| The fact that other projects have the same problem doesn't
| mean that the problem shouldn't be fixed in Gentoo.

Agreed! This issue is important.


|  > IMO the purely technical issues have been solved mostly.
|  > However, those are smallest and least important part.
|
| So how long will it (approximately) take until this problem
| is fixed?

Well... I guess until someone comes up with a solution! Not the problem!
The problem is already known. Gentoo is based on the community. The
community has to come up with solutions. Not wait for highly paid
developers to solve everything like in some known corporations. At least
this is how I see Gentoo. Maybe I'm wrong...


Alex's idea looks interesting:
| Just a question : could it be a good idea to move md5 on another server
| or to do 'emerge sync' asking for files on server A and digest files on
| server B where server B is any server in gentoo rsync rollover but not
| server A...
|
| Then, a person has to compromise server A and server B to get his hack
| working...
|
| Hope this helps
|
| Cheers

Redundancy could be a way to mitigate this problem. It won't solve it though...



- ---
Rui Covelo




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBjkMQfLPhlaxNQk0RAvogAJ4o8042MBgvnqsp525orqXMfOn5/ACfR2Nb
5VmAOoUrvQAIRqmvg5khvB0=
=5aGG
-----END PGP SIGNATURE-----

--
gentoo-security@gentoo.org mailing list
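
Added example, not part of the original message or of Portage: a sketch of the split-source check proposed in the thread (files from server A, digests from server B), showing which cases it catches and the case it cannot. The mirror contents, the function names and the use of SHA-256 are assumptions of this example.

```python
import hashlib

def digest(data: bytes) -> str:
    # SHA-256 is an assumption of this example; the thread mentions md5 and SHA1.
    return hashlib.sha256(data).hexdigest()

def make_manifest(files: dict) -> dict:
    """Digest list a mirror would publish for its copy of the tree."""
    return {path: digest(data) for path, data in files.items()}

def verify_split(files_from_a: dict, manifest_from_b: dict) -> dict:
    """Compare files synced from server A with digests fetched from server B.
    Returns {path: reason} for each failing path; an empty dict means consistent."""
    problems = {}
    for path, data in files_from_a.items():
        expected = manifest_from_b.get(path)
        if expected is None:
            problems[path] = "no digest on B"    # file present on A only
        elif digest(data) != expected:
            problems[path] = "digest mismatch"   # content differs between A and B
    for path in manifest_from_b.keys() - files_from_a.keys():
        problems[path] = "missing on A"          # file withheld by A
    return problems

# Constructed sample tree (not real portage content).
UPSTREAM = {
    "app-misc/foo/foo-1.0.ebuild": b'SRC_URI="http://example.org/foo-1.0.tar.gz"\n',
    "app-misc/foo/files/fix.patch": b"--- a/foo.c\n+++ b/foo.c\n",
}

def scenario(a_tampered: bool, b_tampered: bool) -> dict:
    """Sync from A and fetch digests from B, with either mirror optionally altered."""
    altered = dict(UPSTREAM)
    altered["app-misc/foo/foo-1.0.ebuild"] = b'SRC_URI="http://example.net/other.tar.gz"\n'
    files_a = altered if a_tampered else UPSTREAM
    manifest_b = make_manifest(altered if b_tampered else UPSTREAM)
    return verify_split(files_a, manifest_b)

if __name__ == "__main__":
    print("clean      :", scenario(False, False))
    print("A altered  :", scenario(True, False))
    print("A+B altered:", scenario(True, True))  # passes: no independent trust anchor
```

A mismatch only says that A and B disagree, not which of them is wrong, and identical changes on both mirrors pass the check.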

