[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

Andreas Barth <aba@not.so.argh.org> writes:

> * Henning Makholm (henning@makholm.net) [031206 13:25]:
> > Scripsit Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
> > > If a package is compromised we can proof that the DD of the package
> > > either is malicious or incompetent.
> > Say, we just had a major compromise on certain Debian machines. Pray
> > tell, who do you think this proves is malicious or incompetent? We'd
> > certainly want to toss out the culprit ASAP.

If a mail goes around saying the key of xyz got compromised I would
block any package with that key from getting installed (given signed
debs), in a heartbeet.

How or what is to blame can be sorted out later.

> IMHO there can also be a third explanation: "Bad luck". But this also
> nullifies the trust in any keys on any compromised machine - and the
> administrators did replace the keys.

And currently its very hard to remove packages build by a compromised
maintainer from a local system or even check if one has any.


Reply to: