Date: Tue, 29 Nov 2005 13:36:31 -0200 From: "aristeu" <suporte@wahtec.com.br> To: <freebsd-security@freebsd.org> Subject: Re: Reflections on Trusting Trust Message-ID: <002601c5f4fa$b5115320$e403000a@rickderringer> References: <20051129120151.5A2FB16A420@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm new here, and I've posted only once. I just want to add my "just another user" opinion on this... Signing security advisories that sends the hashes for a file does a nice job. I think the only problem that exists is the package/ports deployment. I belive we can't trust only on hashes for this (tar already does a fine job on integrity...), because it can be easily circunvented. Maybe trusting this it is the real weakest link... One thing that could do a good job is default install gnupg and pre-install some important pgp public keys on ISOs releases, on root's profile... This pre-installed keys can be used by users, ports or pkg_tools, while installing or updating packages/ports. Who will sign is another problem, but I think it will improove things a bit anyway, minimising mitm attacks. My mom used to say "always prefer the pre-installed pub keys...". []'s aristeu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002601c5f4fa$b5115320$e403000a>