Re: Signing Packages.gz

To: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Cc: debian-devel@lists.debian.org
Subject: Re: Signing Packages.gz
From: Jason Gunthorpe <jgg@ualberta.ca>
Date: Mon, 3 Apr 2000 13:07:40 -0600 (MDT)
Message-id: <Pine.LNX.3.96.1000403130615.16294H-100000@wakko.deltatee.com>
In-reply-to: <20000403121540.C311@ulysses.alg.ruhr-uni-bochum.de>

On Mon, 3 Apr 2000, Marcus Brinkmann wrote:

> >   1) Break root on master
> >   2) Use that to break user account on developer victum (any will do)
> >      (Hint: I have already shown that torsten at least could be 
> >       attacked quite easially)
> >   3) Steal PGP key
> >   4) Use stolen PGP to form new glibc package with trojan, sneak into
> >      archive using #1
> 
> And it wouldn't be strange that random Joe is uploading a pgp package?
> And random joe or the real glibc maintainer will not speak up if this
> really happens?

Read carefully, there would be no uploading. There would be no NMU, there
woudl be No Trail. The only way this would be detected is when someone
fetched the .deb, noticed it was not Signed by Espy, checked the archives
for Signs of a NMU, found none and emailed the FTP masters to see what was
up. (ie, 99% of the people will not detect the problem)

Not very usefull is it?

Jason

Reply to:

References:
- Re: Signing Packages.gz
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>

Prev by Date: Re: New shmfs and Debian
Next by Date: Re: Signing Packages.gz
Previous by thread: Re: Signing Packages.gz
Next by thread: Re: Signing Packages.gz
Index(es):
- Date
- Thread