[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

On Tue, Dec 02, 2003 at 11:07:53AM +0100, Andreas Barth wrote:
> > The canoical attack against signed debs in this situation is to find a
> > signed deb on snapshot.debian.net that contains a known security hole.
> To avoid this attack, it is necessary that the filename of the deb or
> the version of the package is also signed.

The filename is pretty much irrlevant to tools everywhere; I don't see
any benefit in mucking with that.  Besides, it can get altered along the

Since the version of the package is part of the control file, and
debsigs signs the control data along with the package contents, the
version is already protected by debsigs.

-- John

Reply to: