Re: securing/monitoring Debian devel environment
On Wed, 22 Dec 2010, Timo Juhani Lindfors wrote:
> > script). The only way to completely prevent that would be to develop and
> > build packages in a completely isolated (virtual machine) environment
> Interesting ideas but don't you also need to run the produced binaries
> in isolation?
exactly -- that is what I meant by 'built (...) and *tested*' ;)
> If we assume a malicious upstream they can surely make
> the build innocent but then have the produced binaries launch sudojump
> >...<
sure -- many bad things can happen in various reincarnations of the
malicious desires of upstreams or just those who hijack their
projects/distribution ;-)
the question remains: how could we set our development
environments so they remain convenient to use and would help us to
detect such misdemeanours so we keep Debian infrastructure secure.
Pure isolation of build/test environment would help, but without easy
monitoring, it would just postpone detection of malicious attempts so
they would activate (again) during builds across our buildd farm, or
running on the boxes of those who installed the packages (often DDs as
well, since we do eat our own ...)
--
=------------------------------------------------------------------=
Keep in touch www.onerussian.com
Yaroslav Halchenko www.ohloh.net/accounts/yarikoptic
Reply to: