Re: Signing Packages.gz

To: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Cc: Torsten Landschoff <torsten@debian.org>, debian-devel@lists.debian.org
Subject: Re: Signing Packages.gz
From: Jason Gunthorpe <jgg@ualberta.ca>
Date: Sat, 1 Apr 2000 15:16:23 -0700 (MST)
Message-id: <Pine.LNX.3.96.1000401151000.458J-100000@wakko.deltatee.com>
In-reply-to: <20000401224854.C1024@ulysses.dhis.net>

On Sat, 1 Apr 2000, Marcus Brinkmann wrote:

> Wrong. If you have signed debs, and you are careful when updating the
> debian-keyring package, there is no risk even if master is compromised.

Hahha!

Sorry, your are deluded if you belive this :> Seriously, if someone can
hack master we are all vunerable - how many people out there do you think
use the same password on master as on their home boxes? How many people
foward ssh agents and put that key in their home .ssh/authorized_keys? How
many people have foolishly left their pgp key on master?

Hint: Lots to all of the above [except the last, we purged a bunch of
people for that awhile ago].

If master is compromized right now, we would take the d-changes archive
from a more secure machine [which we may not even have, hence the interest
in storing that in the archive], a slink cd, some potato CDs developers
might have, etc, and begin painstakingly verfiying each and every .deb and
.dsc to make sure it comes from where it was supposed to come from - there
is no automated way to do this and only people like James would actually
know who should be singing what packages. 

Jason

Reply to:

Follow-Ups:
- Re: Signing Packages.gz
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
- Re: Signing Packages.gz
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>

References:
- Re: Signing Packages.gz
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>

Prev by Date: Re: Signing Packages.gz
Next by Date: Re: Signing Packages.gz
Previous by thread: Re: Signing Packages.gz
Next by thread: Re: Signing Packages.gz
Index(es):
- Date
- Thread