[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

On Fri, Dec 05, 2003 at 12:24:07AM +0100, Goswin von Brederlow wrote:

> Matt Zimmerman <mdz@debian.org> writes:
> > Release signing protects against a hostile or compromised mirror,
> > network, DNS server, proxy server, and a host of other, similar attacks,
> > and also prevents most forms of the "substitute old, vulnerable
> > packages" attack.
> Any compromise happening before the package left ftp-master.d.o is not
> covered by this. That means that if master is compromised a vulnerable
> binary can be slipped into the archive and nothing will detect it.

So the only real-world attack which is addressed by signed debs is an
ftp-master compromise?  This is the only answer you have given to my
original question.

 - mdz

Reply to: