1 |
On Sun, 2003-09-07 at 21:55, Jan Krueger wrote: |
2 |
|
3 |
> So does fixing the security holes in portage. We have identified 2 big ones so |
4 |
> far: |
5 |
> 1. functions like pkg_postinst |
6 |
> 2. easy to compromise bash scripts |
7 |
> and another one is already well known: |
8 |
> 3. the centralized portage tree |
9 |
> |
10 |
> That leads me to the conclusions: |
11 |
> portage is unsecure by design |
12 |
> |
13 |
> Please (the one responsible for it) clearify the statement: |
14 |
> "Thanks to a technology called Portage, Gentoo Linux can become an ideal |
15 |
> secure server" in http://www.gentoo.org/main/en/about.xml |
16 |
> |
17 |
> I have to remove gentoo from my servers a little bit faster it seems... |
18 |
> |
19 |
|
20 |
Ok, but .rpm/.deb have the same kind of flaws ... From here on I can |
21 |
only see that you can use LFS or such, that you can make sure everything |
22 |
is ok. |
23 |
|
24 |
PS: How are you going to verify that gcc's cvs repo was not |
25 |
compromised? Or the kernel's ? I guess you are going to |
26 |
start coding you own kernel, tool-chain and the rest even |
27 |
sooner now that we know how flawed linux, gnuish apps, etc |
28 |
are. |
29 |
|
30 |
|
31 |
-- |
32 |
|
33 |
Martin Schlemmer |
34 |
Gentoo Linux Developer, Desktop/System Team Developer |
35 |
Cape Town, South Africa |