1 |
On Tue, 23 Jan 2007 12:07:46 +0000 |
2 |
Neil Bothwick <neil@××××××××××.uk> wrote: |
3 |
|
4 |
> On Mon, 22 Jan 2007 18:12:07 -0800 (PST), Eric Bohn wrote: |
5 |
> |
6 |
> > Using Portage you're putting yourself at the mercy of any Joe Schmoe |
7 |
> > with a proxy connection to a Gentoo server that wants to compromise |
8 |
> > your machine. |
9 |
> |
10 |
> How so? They'd have to get a compromised source tarball on the |
11 |
> distfiles mirrors and a hacked ebuild into the CVS tree. Getting a |
12 |
> hacked ebuild on the servers isn't enough, it would be replaced in no |
13 |
> more than fifteen minutes. |
14 |
> |
15 |
> Why is this easier than getting a compromised RPM onto a Red Hat or |
16 |
> SUSE server? |
17 |
> |
18 |
> |
19 |
Hi Neil, |
20 |
It'll be the same when the 'new' Manifest2 format is fully implemented. |
21 |
Haven't checked but you need at least ebuild&eclass GPG-signing, etc. |
22 |
There was a discussion (on some Gentoo ML, IIRC 'security') a year or |
23 |
more ago, some very ancient Bug was mentioned. |
24 |
RPMs are signed (but check this again), BTW debs are too. |
25 |
The work is going on this, but i've no info about the progress made. |
26 |
HTH. Rumen |
27 |
-- |
28 |
gentoo-user@g.o mailing list |