1 |
On Sun, 7 Nov 2004 12:51:45 +0100 (MET), Igor V. Rafienko |
2 |
<igorr@×××××××.no> wrote: |
3 |
> on Nov 7, 2004, 11:29, Chris Bainbridge wrote: |
4 |
> |
5 |
> [ ... ] |
6 |
> |
7 |
> | Given that MD5 collisions can be generated in 15 seconds maybe we |
8 |
> | should use something more secure? |
9 |
> |
10 |
> |
11 |
> Hmm... I have heard that MD5 is not collision-resistant[1], but I have not |
12 |
> heard that MD5 is not preimage resistant. Why would |
13 |
> the lack of collision-resistance be a problem in the case of gentoo |
14 |
> package hashes? |
15 |
|
16 |
The most likely attack is via a user submitted patch or ebuild being |
17 |
added to the portage tree. Since the user generated the file, he can |
18 |
also generate a corresponding exploit file with the same hash, and |
19 |
then replace the original on the rsync mirrors. |
20 |
|
21 |
It's an unlikely attack in practice since as already demonstrated if |
22 |
you've compromised an rsync mirror you can already easily exploit |
23 |
clients. |
24 |
|
25 |
-- |
26 |
gentoo-dev@g.o mailing list |