On Thursday 19 February 2009, Robin H. Johnson wrote:
> On Thu, Feb 19, 2009 at 10:47:33AM +0100, Robert Buchholz wrote:
> > > Your count of needing to attack two boxes presently is wrong.
> > > Just pick some community rsyncNN.CC.gentoo.org that also hosts
> > > distfiles via HTTP/FTP, and attack that box, replacing both a
> > > Manifest and the distfile.
> >
> > The rsync attack can be avoided by using the signed tree tarballs.
> > The DIST hash attack can't.
>
> Err, unless I'm missing something, the signed-tree stuff (as tarballs
> or MetaManifest per my GLEPs) does prevent the DIST hash issue as
> well. For a signed tree (where the Manifests and full tree contents
> are verifiable), I don't see how you would subvert a distfile and NOT
> have it detected (short of defeating the hash functions).

Maybe I should have been clearer. By the "DIST hash attack" I meant an
attack on the original location of the distfile where you would need to
run a man-in-the-middle attack on the developer and either the
distfiles master or the user downloading the file. That's why I said
right now you need to attack two boxes, and by removing DIST entries
from Manifest this would be reduced to one.


Robert
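To make the "two boxes versus one" argument concrete, here is an added example (not code from the thread, Portage, or either poster) of the check that a DIST entry in a Manifest gives you, and of what is left once the DIST entries are dropped. The Manifest text and the distfile bytes are constructed for this example; the entry layout follows the Manifest2 form `DIST <file> <size> <HASH> <hex> ...` that Portage used, but the file name, sizes and hashes are made up here.

```python
import hashlib
import hmac
import re

# Constructed sample distfile ("upstream" content) for this example.
GOOD_DISTFILE = b"hello from upstream\n"


def make_dist_line(name, data):
    """Build a Manifest2-style DIST entry for `data` (helper for the sample)."""
    return "DIST %s %d SHA1 %s SHA256 %s" % (
        name, len(data),
        hashlib.sha1(data).hexdigest(),
        hashlib.sha256(data).hexdigest())


# Constructed Manifest: one DIST entry plus an unrelated EBUILD entry.
SAMPLE_MANIFEST = "\n".join([
    make_dist_line("foo-1.0.tar.gz", GOOD_DISTFILE),
    "EBUILD foo-1.0.ebuild 100 SHA256 " + "0" * 64,  # ignored by the DIST check
])

DIST_RE = re.compile(r"^DIST\s+(\S+)\s+(\d+)\s+(.*)$")

# Manifest hash names -> hashlib names (only the ones used here).
HASHLIB_NAMES = {"RMD160": "ripemd160", "SHA1": "sha1", "SHA256": "sha256"}


def parse_dist_entries(manifest_text):
    """Return {filename: (size, {HASHNAME: hexdigest})} for the DIST lines only."""
    entries = {}
    for line in manifest_text.splitlines():
        m = DIST_RE.match(line)
        if not m:
            continue
        name, size, rest = m.group(1), int(m.group(2)), m.group(3).split()
        if len(rest) % 2:
            raise ValueError("malformed DIST line: %r" % line)
        hashes = {rest[i].upper(): rest[i + 1].lower()
                  for i in range(0, len(rest), 2)}
        entries[name] = (size, hashes)
    return entries


def verify_distfile(manifest_text, name, data):
    """Check downloaded `data` against the Manifest's DIST entry for `name`.

    Returns 'ok' when size and every listed hash match, 'mismatch' when
    anything differs, and 'unlisted' when the Manifest carries no DIST entry
    for the file, i.e. there is nothing the Manifest can detect.
    """
    entries = parse_dist_entries(manifest_text)
    if name not in entries:
        return "unlisted"
    size, hashes = entries[name]
    if len(data) != size:
        return "mismatch"
    checked = 0
    for algo, expected in hashes.items():
        try:
            digest = hashlib.new(HASHLIB_NAMES.get(algo, algo.lower()), data).hexdigest()
        except ValueError:
            continue  # algorithm not available in this Python build; skip it
        checked += 1
        if not hmac.compare_digest(digest, expected):
            return "mismatch"
    # An entry whose hashes we could not check at all must not pass silently.
    return "ok" if checked else "mismatch"


def strip_dist_entries(manifest_text):
    """Model the proposal under discussion: a Manifest without DIST lines."""
    return "\n".join(l for l in manifest_text.splitlines()
                     if not l.startswith("DIST "))


if __name__ == "__main__":
    tampered = b"trojaned\n"
    # With DIST entries, replacing only the distfile is caught:
    print(verify_distfile(SAMPLE_MANIFEST, "foo-1.0.tar.gz", tampered))
    # Without DIST entries, the same replacement has nothing to fail against:
    print(verify_distfile(strip_dist_entries(SAMPLE_MANIFEST),
                          "foo-1.0.tar.gz", tampered))
```

The two calls at the bottom are the two threat models in the exchange: with a DIST entry present, an attacker who only controls the distfile host (or the path to it) is caught unless the Manifest itself is also replaced, which is the second box; once the DIST lines are gone, the verifier returns `unlisted` and the substituted file is accepted with no second box involved.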