[lug] Package manager vulnerabilities [was Re: Pencast of Trent Hein - Practical Security]
David L. Anselmi
anselmi at anselmi.us
Wed Oct 21 20:45:39 MDT 2009
Sean Reifschneider wrote:
> I agree that the secure channel is important. I remember being shocked
> about Debian's policy that they didn't allow mirrors of security updates
> because they couldn't deal with signed packages, so they didn't want people
> to insert compromises in security packages. Of course, this also applied
> to base packages, but that issue wasn't on their radar.
I don't know about the current mirror policy. Perhaps that was before
they started distributing the archive keyring (only a year or two ago). Now
a malicious mirror or MITM shouldn't be able to compromise packages but
could still cause a DoS (whether sending down endless data or preventing
new files from being available).
But I think DoS is quite a different risk than unnoticed modification of
packages.
Dave
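As an added example (not from Dave's post, and not Debian's apt code), the checks below separate the two risks Dave names: the signature plus per-file hashes defeat unnoticed modification, while bounding the download to the size the signed index declares and honouring an expiry field catch an endless-data or stale mirror. The HMAC key, the simplified index format and the MirrorStream are constructed stand-ins; the field name Valid-Until follows APT's Release file, but real APT verifies OpenPGP signatures with the archive keyring.

```python
import hashlib
import hmac

ARCHIVE_KEY = b"constructed-archive-key"  # stand-in for the archive keyring (real APT: OpenPGP)

def sign_release(release_text):
    """HMAC stand-in for the archive signature over the index file."""
    return hmac.new(ARCHIVE_KEY, release_text.encode(), hashlib.sha256).hexdigest()

def parse_release(release_text):
    """Return (header fields, {filename: (sha256, size)}) parsed from a simplified index."""
    lines = release_text.splitlines()
    fields = dict(ln.split(": ", 1) for ln in lines if ": " in ln)
    rows = [ln.split() for ln in lines if ": " not in ln and len(ln.split()) == 3]
    entries = {name: (digest, int(size)) for digest, size, name in rows}
    return fields, entries

def verify_release(release_text, signature, now):
    """Signature proves origin; Valid-Until catches a mirror withholding newer indexes."""
    if not hmac.compare_digest(sign_release(release_text), signature):
        return False, "bad signature"
    fields, _ = parse_release(release_text)
    if now > int(fields.get("Valid-Until", "0")):
        return False, "index expired: mirror may be withholding a newer one"
    return True, "ok"

def fetch_bounded(stream, expected_sha256, expected_size, chunk=4096):
    """Read at most the declared size (defeats endless data), then check the hash."""
    h, got = hashlib.sha256(), 0
    while got < expected_size:
        data = stream.read(min(chunk, expected_size - got))
        if not data:
            return False, "short read: mirror truncated the file"
        h.update(data)
        got += len(data)
    if stream.read(1):
        return False, "oversize: mirror sent more than the index declares"
    if h.hexdigest() != expected_sha256:
        return False, "hash mismatch: contents modified"
    return True, "ok"

class MirrorStream:
    """Constructed mirror: serves `payload` if given, otherwise sends bytes forever."""
    def __init__(self, payload=None):
        self.buf = payload
    def read(self, n):
        if self.buf is None:
            return b"A" * n
        data, self.buf = self.buf[:n], self.buf[n:]
        return data
```

Note that a tampered index fails at the signature step before any file is fetched, whereas an expired index or an oversize download is rejected without the client ever trusting the mirror's contents.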