[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Deltarpm *not* ready for new RPM checksums (was Re: Ready for new RPM version?)



On Sa April 18 2009, Axel Thimm wrote:
> On Tue, Mar 10, 2009 at 07:52:32PM +0200, Jonathan Dieter wrote:
> > On Tue, 2009-03-10 at 19:41 +0200, Jonathan Dieter wrote:
> > > Ok, I've been trying this, but how can we tell if the sequence is
> > > sha256 or md5 if we're *just* given the sequence (i.e. applydeltarpm -c
> > > -s audit-libs-1.7.12-1.fc11-04548395de7d18795d88b32ea98897e90140 where
> > > it's a sha256 sequence)?
> >
> > Ok, I've got it.  We just check against md5 first, then sha256 if md5
> > doesn't match.  It's not elegant, but it should work fine, especially
> > since we're only checking for verification, *not* security.
> >
> > Jonathan
>
> Sorry for jumping in that late, but assuming a malicious deltarpm that
> could fake a matching md5 sum to pass validation, wouldn't it get
> applied and make that a security issue?

This is what I know and hope is true: The deltarpm tools are only used to 
regenerate the original rpms instead of downloading then. Therefore they still 
need to pass all verification that yum or rpm do, e.g. checking the gpg 
signature. Therefore an attacker needs access to the signing keys to create a 
malicous deltarpm that has a real security impact.

Regards
Till

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]