Date:      Wed, 14 Mar 2001 13:17:51 -0700 (MST)
From:      Nate Williams <nate@yogotech.com>
To:        Adrian Chadd <adrian@FreeBSD.ORG>
Cc:        Poul-Henning Kamp <phk@critter.freebsd.dk>, freebsd-arch@FreeBSD.ORG
Subject:   Re: [PATCH] add a SITE MD5 command to ftpd
Message-ID:  <15023.53743.215996.538067@nomad.yogotech.com>
In-Reply-To: <20010314210758.A2405@roaming.cacheboy.net>
References:  <20010314105918.A5204@roaming.cacheboy.net> <35525.984597779@critter> <20010314210758.A2405@roaming.cacheboy.net>

> > That SITE MD5 would amount to innovation and progress.  We don't do
> > that in FreeBSD (any more).
> > </IRONY>
> 
> hah.
> 
> > I think SITE MD5 should be added, so we can get some experience with
> > it.  If it isn't a good idea, we'll drop it again, if it is, we
> > will propagate it.
> > 
> > The only argument I've seen against was "Uhm, we want to lose our
> > current ftpd in favour of XXX" for some value of XXX.  I don't think
> > it is important which version of ftpd we implement it in, so that
> > is hardly an argument against.
> 
> I think o'brien and a few other irc people pointed out that you can't
> trust the md5 coming back from the user, so the only thing you *can*
> do is download the file and check it yourself.

I think everyone is forgetting the 'real' reason for SITE-MD5.  Its
existence is not one of 'trust', but the reason to do this is because it
allows the ports checker (and mirrors) to determine if a file has
changed.  Not whether or not it's trustable, not whether or not someone
has hacked the server, but whether it has changed or not.

The current check only sees if the file exists, but has no way of
checking to see if the file has changed and the filename is the same.

The ports system itself takes care of the 'trust' issue, but the mirror
and ports checkers are less worried about security, and are more
interested in checking to see if a file is the same.

We have the security mechanism in place to make sure the file is
'trustworthy' (at least, a minimal check anyway).

SITE-MD5 fixes this problem.  It doesn't try to be all things to all
people, but it's not trying to solve world-hunger, just make the
existing mirroring and check scripts more intelligent w/out requiring
massive amounts of wasted bandwidth.




Nate
