
Re: [RFC] Proposal for new source format



Simon McVittie writes:
> On Tue, 22 Oct 2019 at 05:22:57 +0200, Bastian Blank wrote:
>> - Files need to be compressed and are recorded as such, which is a hard
>>   problem and give rise to tools like pristine-tar and such.
>
> My understanding is that this is deliberate: it means the only layer
> with the hard requirement to be able to cope with malicious/crafted files
> without introducing security vulnerabilities (whether that means arbitrary
> code execution via parser bugs, or denial of service via "zip bombs")
> is the PGP signature verification on the (uncompressed) .dsc. Everything
> else is authenticated before being decompressed, either directly via
> the PGP signature or via the authenticated hashes in the .dsc.

I think there are two separate uses:

 - if you want to validate that the upload is as intended by the
   maintainer, then a signature of the uncompressed source is
   sufficient. (A signature over the compressed source works too if you
   do not want to switch to a new compression format later.)

 - for all other purposes (regular downloads, ...), one would like a
   signature over the data that is used, i.e. usually for downloads of
   the compressed variant.

kernel.org uses a similar scheme: there are signatures for the
uncompressed tarballs by the maintainer (linux-*.tar.sign).  In addition
there is a sha256sums.asc which has strong hashes of the compressed
files (linux-*.tar.{gz,xz}) and is signed by their archive management
system.

As far as I understand git-archive is fairly good at reproducing
identical uncompressed tarballs at a later time from the git repository.

Ansgar
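An added illustration of the two-layer scheme discussed above (example code, not from the mail and not Debian or kernel.org tooling): signatures are modelled as trusted SHA-256 values, the archive's hash is checked over the compressed bytes before any decompressor sees them, and the maintainer's hash over the uncompressed tarball verifies unchanged whether the archive shipped gzip or xz. The package name, contents and size cap are constructed for the demonstration.

```python
import gzip, hashlib, lzma, zlib

GZIP_MAGIC = b"\x1f\x8b"
XZ_MAGIC = b"\xfd7zXZ\x00"

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def decompress_capped(blob: bytes, max_size: int) -> bytes:
    """Inflate a gzip or xz blob, refusing to emit more than max_size bytes."""
    if blob.startswith(GZIP_MAGIC):
        out = zlib.decompressobj(wbits=31).decompress(blob, max_size + 1)
    elif blob.startswith(XZ_MAGIC):
        out = lzma.LZMADecompressor().decompress(blob, max_size + 1)
    else:
        raise ValueError("unknown compression format")
    if len(out) > max_size:
        raise ValueError("decompressed size exceeds cap")
    return out

def fetch_source(blob, archive_hash, maintainer_hash, max_size=1 << 20):
    # Layer 2 (archive, like sha256sums.asc): authenticate the compressed bytes
    # before they reach any decompressor, so crafted input is never inflated.
    if sha256(blob) != archive_hash:
        raise ValueError("compressed file not authenticated")
    src = decompress_capped(blob, max_size)  # size cap is defence in depth
    # Layer 1 (maintainer, like linux-*.tar.sign): authenticate the uncompressed
    # tarball; the same hash holds whichever compression the archive picked.
    if sha256(src) != maintainer_hash:
        raise ValueError("uncompressed source not authenticated")
    return src

def try_fetch(*args, **kwargs) -> str:
    """Return 'ok' or the reason the download was rejected."""
    try:
        fetch_source(*args, **kwargs)
        return "ok"
    except ValueError as exc:
        return str(exc)

# Constructed stand-in for an uncompressed source tarball (not a real package).
SOURCE = b"hello-1.0/hello.c\0int main(void){return 0;}\n" * 64
MAINTAINER_HASH = sha256(SOURCE)  # "signed" once, over the uncompressed data
ARCHIVES = {  # the archive may recompress however it likes
    "hello-1.0.tar.gz": gzip.compress(SOURCE),
    "hello-1.0.tar.xz": lzma.compress(SOURCE),
}
SHA256SUMS = {name: sha256(data) for name, data in ARCHIVES.items()}
TAMPERED = ARCHIVES["hello-1.0.tar.gz"] + b"\0"  # download altered in transit
BOMB = gzip.compress(b"\0" * (4 << 20))  # 4 MiB of zeros in a few KiB
```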
