[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#540215: Introduce dh_checksums

Russ Allbery wrote:
> The missing link, in this validation scenario, is how to get a signed copy
> of the MD5 checksums of the files in the package.

That's one missing link. The other one is that there are innumerable
ways for an attacker to inject bad behavior/backdoors onto a system
without touching binaries originating from dpkg. Expecting debsums to
protect against any form of attack is bound to result in a false sense
of security; and AFAIK aide makes a credible[1] attempt at solving the
same problem.

see shy jo, who does not need to be CCed anymore on this thread

[1] Though my SWAG is that it's still not complete when you consider
    the boodloader, permissions of files in /dev, or subtly corrupted

Attachment: signature.asc
Description: Digital signature

Reply to: