[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: YUM security issues...



On Mon, 2008-07-28 at 14:25 -0400, Jesse Keating wrote:
> On Mon, 2008-07-28 at 12:07 -0500, Matt Domsch wrote:
> > 1. repomd.xml needs to be signed. Either attached or detached sig
> >    (advice sought).  If attached, format would be
> 
> I would prefer a detached sig, so that the checksum of repomd.xml itself
> doesn't change if the GPG sig for it does.  This is important as there
> are control files in the compose to track consistency of the tree
> itself, and having the repomd.xml change it's key would invalidate this
> control file.
> 

detached sig definitely. Independent of how (or why) this is done we
will maintain backward compat. Signing the repomd.xml directly will not
allow backward compat (nor cross compat with apt/smart/etc).

I've already written the code for the detached sig - it'll be checked
into yum upstream this afternoon.

-sv



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]