Gentoo Archives: gentoo-security

From: dante@×××××××××××××××.net
To: gentoo-security@l.g.o
Subject: [gentoo-security] Securing portage --- an OpenBSD approach
Date: Fri, 12 Nov 2004 12:55:40
1 The recent discussion on how to protect the portage tree from
2 man-in-the-middle attacks has concentrated on signing either the portage
3 tarball or the individual files in the tree.
5 What about approaching the problem the way OpenBSD deals with its ports,
6 that is with cvs over an ssh tunnel to authorized mirrors. The only
7 drawback I see is that many gentoo users use rsync, but the cvs approach
8 could be added on top of what already exists and security conscious users
9 will then have the option of switching.
11 -------------------------------------------------------------------
13 Anthony G. Basile, Ph.D.
14 Director of Information Technology,
15 D'Youville College,
16 320 Porter Ave.
17 Buffalo NY, 14201
19 Work: (716) 829-8197 (voicemail)
22 --
23 gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Securing portage --- an OpenBSD approach Paul de Vrieze <pauldv@g.o>
Re: [gentoo-security] Securing portage --- an OpenBSD approach Klaus Wagner <klaus@××××××××××.net>