Re: Revival of the signed debs discussion
Tom <tb.31123.nospam@comcast.net> writes:
> On Tue, Dec 02, 2003 at 11:07:53AM +0100, Andreas Barth wrote:
> > * Joey Hess (joeyh@debian.org) [031202 02:55]:
> > > Goswin von Brederlow wrote:
> > > > What can we do with deb signatures?
> > > > 
> > > > For our current problem, the integrity of the debian archive being
> > > > questioned, the procedure would be easy and available to every user:
> > > > 
> > > > 1. get any clean Debian keyring (or just the key signing the keyring)
> > > > 2. verify the latest Debian keyring
> > > > 3. verify that each deb was signed by a DD and the signature fits
> 
> What precautions are taken that the DD actually signed it with the DD's 
> private key?  After all this compromise was due to a DD's machine being 
> compromised.  I don't think you can audit every DD's workstation to make 
> sure the keys are well managed.
> 
> Set aside the possibility that the DD herself is actually the attacker.  
> You have to have an answer for these remote possibilities.  (Things tend 
> to get maximally bad).
You never can. But once the compromise or the DD is found out, it would
be easy to scan the archive for possibly compromised packages, audit
the sources and rebuild the binaries.
Nothing prevents an attacker from uploading sources with backdoors now,
once he has the private key and passphrase of the maintainer, which
would be far worse than uploading a compromised binary.
> > > The canonical attack against signed debs in this situation is to find a
> > > signed deb on snapshot.debian.net that contains a known security hole.
> > 
> > To avoid this attack, it is necessary that the filename of the deb or
> > the version of the package is also signed.
The control file is what holds all the information. The filename is
irrelevant (my d-i images have filenames without version information,
for example).
MfG
        Goswin
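The three-step check quoted above (trusted root key, verified keyring, per-deb signature by a DD) and the point that the signature has to cover the version in the control file rather than the filename, as an added example in Go. This is not code from the thread, from Debian, or from dpkg/apt: it substitutes ed25519 for OpenPGP, assumes a single root key that signs the whole keyring, and takes the expected version from the caller in place of a real archive index. The key ids, package name, versions and payload strings are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// Control is the subset of a deb's control fields that the signature covers.
type Control struct{ Package, Version, Architecture string }

// SignedPackage: signed control, payload, claimed signer id and detached signature.
type SignedPackage struct {
	Control Control
	Data    []byte
	Signer  string
	Sig     []byte
}

// Keyring maps developer key ids to public keys; signed by one root key (an assumption made here).
type Keyring struct {
	Keys map[string]ed25519.PublicKey
	Sig  []byte
}

// keyringBytes serialises the keyring deterministically so the root signature covers every entry.
func keyringBytes(keys map[string]ed25519.PublicKey) []byte {
	ids := make([]string, 0, len(keys))
	for id := range keys {
		ids = append(ids, id)
	}
	sort.Strings(ids)
	var b strings.Builder
	for _, id := range ids {
		fmt.Fprintf(&b, "%s %s\n", id, hex.EncodeToString(keys[id]))
	}
	return []byte(b.String())
}

// controlBytes is what the developer signs: control fields plus a payload digest. No filename.
func controlBytes(c Control, data []byte) []byte {
	sum := sha256.Sum256(data)
	return []byte(fmt.Sprintf("Package: %s\nVersion: %s\nArchitecture: %s\nData-SHA256: %s\n",
		c.Package, c.Version, c.Architecture, hex.EncodeToString(sum[:])))
}

// VerifyKeyring is step 2: check the keyring with the root key obtained out of band in step 1.
func VerifyKeyring(rootPub ed25519.PublicKey, ring Keyring) bool {
	return ed25519.Verify(rootPub, keyringBytes(ring.Keys), ring.Sig)
}

func SignPackage(id string, priv ed25519.PrivateKey, c Control, data []byte) SignedPackage {
	return SignedPackage{Control: c, Data: data, Signer: id, Sig: ed25519.Sign(priv, controlBytes(c, data))}
}

// VerifyPackage is step 3: signer in the verified keyring, signature valid over control plus digest,
// and signed version equal to the expected one, so an old but validly signed deb is not accepted as current.
func VerifyPackage(ring Keyring, pkg SignedPackage, wantPackage, wantVersion string) error {
	pub, ok := ring.Keys[pkg.Signer]
	if !ok {
		return fmt.Errorf("signer %q not in keyring", pkg.Signer)
	}
	if !ed25519.Verify(pub, controlBytes(pkg.Control, pkg.Data), pkg.Sig) {
		return fmt.Errorf("package signature invalid")
	}
	if pkg.Control.Package != wantPackage || pkg.Control.Version != wantVersion {
		return fmt.Errorf("signed %s %s, expected %s %s",
			pkg.Control.Package, pkg.Control.Version, wantPackage, wantVersion)
	}
	return nil
}

// Result records the happy path and the three attacks that Scenario runs with in-memory keys.
type Result struct {
	KeyringOK, FreshOK                       bool
	RollbackErr, TamperErr, UnknownSignerErr error
}

func Scenario() Result {
	var r Result
	// crypto/rand.Reader does not fail in practice; the errors are dropped for brevity.
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	ddPub, ddPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, roguePriv, _ := ed25519.GenerateKey(rand.Reader)
	keys := map[string]ed25519.PublicKey{"dd@example.org": ddPub} // constructed key id
	ring := Keyring{Keys: keys, Sig: ed25519.Sign(rootPriv, keyringBytes(keys))}
	r.KeyringOK = VerifyKeyring(rootPub, ring)
	old := SignPackage("dd@example.org", ddPriv, Control{"foo", "1.0-1", "i386"}, []byte("constructed: old build with a known hole"))
	cur := SignPackage("dd@example.org", ddPriv, Control{"foo", "1.0-2", "i386"}, []byte("constructed: fixed build"))
	r.FreshOK = VerifyPackage(ring, cur, "foo", "1.0-2") == nil
	r.RollbackErr = VerifyPackage(ring, old, "foo", "1.0-2") // old signed deb served under the new filename
	forged := old
	forged.Control.Version = "1.0-2" // control edited to claim the new version: signature no longer matches
	r.TamperErr = VerifyPackage(ring, forged, "foo", "1.0-2")
	r.UnknownSignerErr = VerifyPackage(ring, SignPackage("rogue@example.org", roguePriv, cur.Control, cur.Data), "foo", "1.0-2")
	return r
}
```

The rollback case is the snapshot.debian.net attack from the thread: the old deb carries a perfectly valid DD signature, so only the comparison of the signed Version field against what the client expects rejects it; renaming the file changes nothing because the filename is never part of what was signed. In a real deployment the expected version would come from a signed archive index, which this example replaces with a function argument.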