[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Improving availability and guaranteeing integrity in ISO - internal sha1sums

Olivier Galibert wrote:
On Sun, Jun 10, 2007 at 02:31:51PM +1000, David Timms wrote:
I am not sure how you do that - how can you include inside a piece of data a checksum that uses the data {including itself} to calculate the checksum ?

Standard method is "zero the checksum area, compute the checksum,
write it".  At verification time, copy the checksum area in memory,
zero it and compute the checksum.
Ok, makes sense now how it actually works. An error in the
checksum implanted or the data will be detected, but not the case where an attacker modifies a file, and re-embeds the matching checksum. Thats why the necessity of the external sha1sum and signing.

I've read in f-l and seen myself where "tested good" cd/dvds {media check} that fail during installation when trying to read a particular rpm. Once sha1sum are on the iso, helping the user get to the definite problem {and making them believe it} would be as simple as getting them to run sha1sum -c failing....rpm or a nicer checksumming app.

I also see the other side where media fails the test, but works without error for what the user is installing.

The cost of inserting this info would be pretty minimal - just an extra step in the iso spin process. As Till suggests elsewhere in this thread:
find -type f -print0 | xargs -0 sha1sum >../SHA1SUM
154cbac962cf0e04ffd3163b6526fa8190df1299  ./stylesheet-images/titlepage.png
235e0b26cdc5a41c6d9b58ee57dd665c42611d79  ./stylesheet-images/warning.png

real    1m10.209s
user    0m24.258s
sys     0m6.452s

-rw-r--r-- 1 root root 145080 Jun 11 21:44 SHA1SUM.txt

The resultant SHA1SUM file is acceptable to "sha1sum -c ../SHA1SUM"
{My iso is mounted, not the actual source files, so I cant write to the correct location - hence the ../}.

Since it would probably be more useful for a media contents test script to work from multiple places:
- a running Fedora system
- rescue iso
- dvd iso - linux rescue
- {from another OS - could include dos/win ftp://ftp.gnupg.org/gcrypt/binary/sha1sum.exe} Perhaps it is best to be as simple as possible, rather than python as I first suggested -> bash script: attached. Since scrollback through 1800 files might not be possible directs the output to the users home directory, and uses the return value to state either ~good or ~bad with this files bad or missing.

This could become standard practice on any iso fedora produces {ie including rescue and live}.


Attachment: verify_media_accessibility.sh
Description: application/shellscript

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]