Archives
Archives
| From: | "Robin H. Johnson (robbat2)" <robbat2@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo commit in users/robbat2/tree-signing-gleps: 00-proposal-overview |
| Date: | Tue, 11 Dec 2007 09:29:28 |
| Message-Id: | E1J21QS-0005Zn-IY@stork.gentoo.org |
| 1 | robbat2 07/12/11 09:29:16 |
| 2 | |
| 3 | Modified: 00-proposal-overview |
| 4 | Log: |
| 5 | Fix from genone. |
| 6 | |
| 7 | Revision Changes Path |
| 8 | 1.6 users/robbat2/tree-signing-gleps/00-proposal-overview |
| 9 | |
| 10 | file : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/00-proposal-overview?rev=1.6&view=markup |
| 11 | plain: http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/00-proposal-overview?rev=1.6&content-type=text/plain |
| 12 | diff : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/00-proposal-overview?r1=1.5&r2=1.6 |
| 13 | |
| 14 | Index: 00-proposal-overview |
| 15 | =================================================================== |
| 16 | RCS file: /var/cvsroot/gentoo/users/robbat2/tree-signing-gleps/00-proposal-overview,v |
| 17 | retrieving revision 1.5 |
| 18 | retrieving revision 1.6 |
| 19 | diff -p -w -b -B -u -u -r1.5 -r1.6 |
| 20 | --- 00-proposal-overview 28 Nov 2007 04:36:48 -0000 1.5 |
| 21 | +++ 00-proposal-overview 11 Dec 2007 09:29:16 -0000 1.6 |
| 22 | @@ -1,7 +1,7 @@ |
| 23 | GLEP: xx |
| 24 | Title: Security of distribution of Gentoo software - Overview |
| 25 | -Version: $Revision: 1.5 $ |
| 26 | -Last-Modified: $Date: 2007/11/28 04:36:48 $ |
| 27 | +Version: $Revision: 1.6 $ |
| 28 | +Last-Modified: $Date: 2007/12/11 09:29:16 $ |
| 29 | Author: Robin Hugh Johnson <robbat2@g.o>, |
| 30 | Patrick Lauer <patrick@g.o>, |
| 31 | Status: Draft |
| 32 | @@ -128,9 +128,9 @@ signed. |
| 33 | A simple example of such an attack and a partial solution for eclasses |
| 34 | is presented in [ http://thread.gmane.org/gmane.linux.gentoo.devel/24677 |
| 35 | ]. It shows quite well that any non-Gentoo controlled rsync mirror can |
| 36 | -modify executable code; as much of this code is per default run as user |
| 37 | +modify executable code; as much of this code is per default run as root |
| 38 | a malicious mirror could compromise hundreds of systems per day - if |
| 39 | -cloaked well enough such an attack could run for weeks before being |
| 40 | +cloaked well enough, such an attack could run for weeks before being |
| 41 | noticed. As there are no effective safeguards right now users are left |
| 42 | with the choice of either syncing from the sometimes slow or even |
| 43 | unresponsive Gentoo-controlled rsync mirrors or risk being compromised |
| 44 | |
| 45 | |
| 46 | |
| 47 | -- |
| 48 | gentoo-commits@g.o mailing list |