Date: 30 Dec 2002 08:31:08 -0000 From: Mike Meyer <mwm@mired.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/46629: md5 checking is a PITA. Message-ID: <20021230083108.10076.qmail@mired.org>
next in thread | raw e-mail | index | archive | help
>Number: 46629 >Category: bin >Synopsis: md5 checking is a PITA. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Dec 30 00:40:02 PST 2002 >Closed-Date: >Last-Modified: >Originator: Mike Meyer >Release: FreeBSD 4.7-STABLE i386 >Organization: Meyer Consulting >Environment: System: FreeBSD guru.mired.org 4.7-STABLE FreeBSD 4.7-STABLE #17: Wed Oct 30 09:13:02 CST 2002 mwm@guru.mired.org:/sharetmp/obj/usr/src/sys/GURU i386 >Description: Checking md5 checksums is an error-prone process. >How-To-Repeat: Download something that includes the output of md5 as a CHECKSUMS file. Notice that to confirm the checksum requires verifying the rather long and unpatterned checksum string by eye. >Fix: md5 should have a "-c file" option, which expects the output of md5 to be in file, and confirms that the files listed in "file" exist and match the associated checksums. Yes, this requires trusting the mdd5 binary. On the other hand, very few things one is interested in downloading don't require trusting some system utility, like the c compiler. So this is at worst a marginal change in the security given by the md5 checksums to start yes. Yes, this is trivial to script. It shouldn't be required of every user. Finally, FWIW, I have an Eiffel version of md5 that implements the -c option, but is missing the standard options of md5. It's available on request. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021230083108.10076.qmail>