Re: [RFC] Proposal for new source format

To: debian-devel@lists.debian.org
Cc: debian-dpkg@lists.debian.org, ftpmaster@ftp-master.debian.org
Subject: Re: [RFC] Proposal for new source format
From: Simon McVittie <smcv@debian.org>
Date: Tue, 22 Oct 2019 16:00:28 +0100
Message-id: <[🔎] 20191022150028.GA21063@espresso.pseudorandom.co.uk>
In-reply-to: <[🔎] 20191022032257.t6dq3xbvys547qar@shell.thinkmo.de>
References: <[🔎] 20191022032257.t6dq3xbvys547qar@shell.thinkmo.de>

On Tue, 22 Oct 2019 at 05:22:57 +0200, Bastian Blank wrote:
> - Files need to be compressed and are recorded as such, which is a hard
>   problem and give rise to tools like pristine-tar and such.

My understanding is that this is deliberate: it means the only layer
with the hard requirement to be able to cope with malicious/crafted files
without introducing security vulnerabilities (whether that means arbitrary
code execution via parser bugs, or denial of service via "zip bombs")
is the PGP signature verification on the (uncompressed) .dsc. Everything
else is authenticated before being decompressed, either directly via
the PGP signature or via the authenticated hashes in the .dsc.

    smcv

Reply to:

References:
- [RFC] Proposal for new source format
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: [RFC] Proposal for new source format
Next by Date: ☝ Enkel onze bevoorrechte relaties, tips die altijd nuttig zijn.
Previous by thread: Re: [RFC] Proposal for new source format
Next by thread: Re: [RFC] Proposal for new source format
Index(es):
- Date
- Thread