Date: Sat, 21 Jun 2003 18:18:18 -0700
From: David Schultz <das@FreeBSD.ORG>
To: Colin Percival <colin.percival@wadham.ox.ac.uk>
Cc: ultraviolet@epweb.co.za
Subject: Re: Cryptographically enabled ports tree.
Message-ID: <20030622011818.GA59989@HAL9000.homeunix.com>
In-Reply-To: <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca>
References: <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca> <20030621163835.GA18653@tulip.epweb.co.za> <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca> <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca>

On Sat, Jun 21, 2003, Colin Percival wrote:
> At 19:54 21/06/2003 +0200, William Fletcher wrote:
> >One other thing while I'm at making a clown of myself.
> >
> >Wouldn't it be an absolute joke if someone rooted a redhat box on
> >your network, dns poisoned for cvsup.*.freebsd.org and promptly
> >found a way to create a cvsup-mirror on another machine
> >with modified source.
>
> I'm not sure I'd use the word "joke"... yes, that would definitely be a
> problem.
> Another security problem is FTP installs; sysinstall doesn't have any
> sort of signature verification built in, so anyone doing an FTP install
> could find themselves installing trojans. The only secure distribution,
> AFAIK, is the ISO image, because the MD5 sum of that is announced in a
> (signed) release announcement.

We already have MD5 checksums of each port, so all it takes is to
have so@ sign a MAC for the entire ports tree. Now doing something
more sophisticated and seamless would be a little bit more effort...
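Added example, not part of the original message or of any FreeBSD tool: a sketch of reducing a whole ports tree to one digest, so that a single signed value covers every port in the way the signed release announcement covers the ISO. It assumes SHA-256 in place of MD5, assumes the trusted digest was already taken from a message whose signature was verified out of band, and uses hypothetical function names and a constructed sample tree.

```python
import hashlib
import hmac


def port_digest(files):
    """Digest of one port: hash over its sorted (path, file-hash) entries."""
    h = hashlib.sha256()
    for path in sorted(files):
        entry = hashlib.sha256(files[path]).hexdigest()
        # Length-prefix the path so adjacent fields cannot be confused.
        h.update(f"{len(path)}:{path}:{entry}\n".encode())
    return h.hexdigest()


def tree_digest(tree):
    """Single digest covering every port name and its per-port digest."""
    h = hashlib.sha256()
    for port in sorted(tree):
        h.update(f"{len(port)}:{port}:{port_digest(tree[port])}\n".encode())
    return h.hexdigest()


def verify_tree(tree, trusted_digest):
    """Compare the local tree with the digest from the signed message."""
    return hmac.compare_digest(tree_digest(tree), trusted_digest)


# Constructed sample tree: port name -> {relative path: file contents}.
SAMPLE_TREE = {
    "security/example-a": {"Makefile": b"PORTNAME=example-a\n",
                           "distinfo": b"MD5 (a.tar.gz) = 0123\n"},
    "www/example-b": {"Makefile": b"PORTNAME=example-b\n",
                      "distinfo": b"MD5 (b.tar.gz) = 4567\n"},
}


def demo():
    # Stands in for the value published in a signed message (assumption).
    trusted = tree_digest(SAMPLE_TREE)
    tampered = {p: dict(f) for p, f in SAMPLE_TREE.items()}
    tampered["www/example-b"]["distinfo"] = b"MD5 (b.tar.gz) = ffff\n"
    missing = {p: f for p, f in SAMPLE_TREE.items() if p != "www/example-b"}
    return {
        "clean": verify_tree(SAMPLE_TREE, trusted),
        "tampered": verify_tree(tampered, trusted),
        "missing": verify_tree(missing, trusted),
    }


if __name__ == "__main__":
    print(demo())
```

Because port names and file paths are hashed along with the contents, a mirror that alters a distinfo file, drops a port, or adds one produces a different tree digest.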