Re: securing/monitoring Debian devel environment

On Wed, 22 Dec 2010, Timo Juhani Lindfors wrote:
> > script). The only way to completely prevent that would be to develop and
> > build packages in a completely isolated (virtual machine) environment
> Interesting ideas but don't you also need to run the produced binaries
> in isolation?

exactly -- that is what I meant by 'built (...) and *tested*' ;)

> If we assume a malicious upstream they can surely make
> the build innocent but then have the produced binaries launch sudojump
> >...<

sure -- many bad things can happen in various reincarnations of the
malicious desires of upstreams or just those who hijack their
projects/distribution ;-)

the question remains: how could we set our development
environments so they remain convenient to use and would help us to
detect such misdemeanours so we keep Debian infrastructure secure.

Pure isolation of build/test environment would help, but without easy
monitoring, it would just postpone detection of malicious attempts so
they would activate (again) during builds across our buildd farm, or
running on the boxes of those who installed the packages (often DDs as
well, since we do eat our own ...)

Keep in touch                                     www.onerussian.com
Yaroslav Halchenko                 www.ohloh.net/accounts/yarikoptic
