Date: Tue, 29 Nov 2005 18:27:03 -0500
From: Kris Kennaway <kris@obsecurity.org>
To: aristeu <suporte@wahtec.com.br>
Cc: freebsd-security@freebsd.org
Subject: Re: Reflections on Trusting Trust
Message-ID: <20051129232703.GA60060@xor.obsecurity.org>
In-Reply-To: <002601c5f4fa$b5115320$e403000a@rickderringer>
References: <20051129120151.5A2FB16A420@hub.freebsd.org> <002601c5f4fa$b5115320$e403000a@rickderringer>

On Tue, Nov 29, 2005 at 01:36:31PM -0200, aristeu wrote:
> I'm new here, and I've posted only once. I just want to add my "just
> another user" opinion on this...
>
> Signing security advisories that send the hashes for a file does a nice
> job.
>
> I think the only problem that exists is the package/ports deployment. I
> believe we can't trust only on hashes for this (tar already does a fine job
> on integrity...), because it can be easily circumvented. Maybe trusting
> this is the real weakest link...

I'd be happy to work with someone who can implement a solution for the
package side. The important thing to keep in mind is that packages are
built automatically on many distributed machines. Any solution for
signing packages would therefore need to also be automated, e.g.
signing them automatically when the packages are pulled back from the
build client to the server.

Kris