Re: buildds: "Authentication warning overridden."

To: debian-devel@lists.debian.org
Subject: Re: buildds: "Authentication warning overridden."
From: Michael Banck <mbanck@debian.org>
Date: Sat, 10 Nov 2007 12:03:52 +0100
Message-id: <[🔎] 20071110110352.GP8029@nighthawk.chemicalconnection.dyndns.org>
In-reply-to: <[🔎] fh36gi$md7$1@ger.gmane.org>
References: <[🔎] fh2vdq$77g$1@ger.gmane.org> <[🔎] E1Iqexj-0001cO-0A@jack.mossbank.org.uk> <[🔎] fh33bi$h22$1@ger.gmane.org> <[🔎] 20071110023558.GN8029@nighthawk.chemicalconnection.dyndns.org> <[🔎] fh36gi$md7$1@ger.gmane.org>

On Fri, Nov 09, 2007 at 08:54:06PM -0600, Raphael Geissert wrote:
> Michael Banck wrote:
> > Won't somebody else stop the attack in their place then, who does check
> > the signatures?
> 
> If a mirror is compromised, unless I'm missing something, it won't be
> updated until ftp-master sends a mirror push. And the period of time
> between the last mirror push, the compromise and the next mirror push might
> be enough for a buildd to download a compromised package.
> 
> The buildd owners would be unable to know that the mirror they use was
> compromised and thus they would probably sign a .changes file for a package
> which might also be compromised (introducing a signature-verified
> compromised package in the archive, affecting all users).

Assuming that compromised mirrors get quickly identified by people using
signatures, and buildd packages having to be uploaded directly, the
amount of compromised packages this way is probably small, so they can
be rebuilt using packages from another mirror, after the build logs have
been inspected to see whether compromised packages have indeed been
used.

Michael

Reply to:

Follow-Ups:
- Re: buildds: "Authentication warning overridden."
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: buildds: "Authentication warning overridden."
  - From: Raphael Geissert <atomo64+debian@gmail.com>

References:
- buildds: "Authentication warning overridden."
  - From: Raphael Geissert <atomo64+debian@gmail.com>
- Re: buildds: "Authentication warning overridden."
  - From: Steve McIntyre <steve@einval.com>
- Re: buildds: "Authentication warning overridden."
  - From: Raphael Geissert <atomo64+debian@gmail.com>
- Re: buildds: "Authentication warning overridden."
  - From: Michael Banck <mbanck@debian.org>
- Re: buildds: "Authentication warning overridden."
  - From: Raphael Geissert <atomo64+debian@gmail.com>

Prev by Date: Opinions sougth: mlocate appropriate for Priority: standard?
Next by Date: Re: Opinions sougth: mlocate appropriate for Priority: standard?
Previous by thread: Re: buildds: "Authentication warning overridden."
Next by thread: Re: buildds: "Authentication warning overridden."
Index(es):
- Date
- Thread