From owner-freebsd-security  Fri Jun 20 18:17:21 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id SAA06544
          for security-outgoing; Fri, 20 Jun 1997 18:17:21 -0700 (PDT)
Received: from hydrogen.nike.efn.org (resnet.uoregon.edu [128.223.170.28])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA06535
          for <freebsd-security@FreeBSD.ORG>; Fri, 20 Jun 1997 18:17:15 -0700 (PDT)
Received: (from jmg@localhost)
	by hydrogen.nike.efn.org (8.8.5/8.8.5) id SAA03761;
	Fri, 20 Jun 1997 18:17:53 -0700 (PDT)
Message-ID: <19970620181753.20772@hydrogen.nike.efn.org>
Date: Fri, 20 Jun 1997 18:17:53 -0700
From: John-Mark Gurney <jmg@hydrogen.nike.efn.org>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Attempt to compromise root
References: <33AAB0CA.2781E494@fsl.noaa.gov> <199706201909.PAA02705@khavrinen.lcs.mit.edu> <199706202045.QAA02968@khavrinen.lcs.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.69
In-Reply-To: <199706202045.QAA02968@khavrinen.lcs.mit.edu>; from Garrett Wollman on Fri, Jun 20, 1997 at 04:45:01PM -0400
Reply-To: John-Mark Gurney <gurney_j@resnet.uoregon.edu>
Organization: Cu Networking
X-Operating-System: FreeBSD 2.2.1-RELEASE i386
X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31  96 7A 22 B3 D8 56 36 F4
X-Files: The truth is out there
X-URL: http://resnet.uoregon.edu/~gurney_j/
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Garrett Wollman scribbled this message on Jun 20:
> <<On Fri, 20 Jun 1997 15:09:16 -0400 (EDT), I wrote:
> 
> > There already is such a thing.  Every recent release includes mtree
> > files with md5 digests of everything included in the distribution.
> > See the FTP site or CD-ROM.
> 
> I forgot to mention....
> 
> Probably the release engineer should generate and publish a digital
> signature of the files and the distribution's associated
> CHECKSUMS.MD5.  Actually, the installation system ought to be able
> itself to at least verify the MD5s of the tarballs it retrieves.

actually... I've submitted patches to Jordan that will add a -verify
flag to the install.sh scripts...  I just don't have the resources
to build a release, so I can't test the patches...

-- 
  John-Mark Gurney                          Modem/FAX: +1 541 683 6954
  Cu Networking

  Live in Peace, destroy Micro$oft, support free software, run FreeBSD