Re: X-free libraries
On Wed, May 12, 2004 at 03:12:25PM +0200, Robert Millan wrote:
> The signature check in gnuab is not gratuitous. Do you understand the
> implications of signing a binary you have recieved unsigned from the net,
> without any real verification of the authorship of that binary?
> I only find reasonable re-signing a binary made by a trusted developer like
> Marco if it is already signed with his key and there is a trust path to it
> from the debian keyring.
Well, appropriate measures would be taken of course.
If you're uneasy about this, you can just get Marco's key added to the
gnuab keyring and let him upload the packages himself.
> Every kiddie around can forge some SMTP headers and pretend to be
> Marco.
Yeah, but you sign .changes files with package names and MD5sums. So the
kiddie must be in a position to build X on GNU himself and sneak
malicious code in. That, er, limits the amount of people eligible for
such an attack =)
This all implies that he would actually build something, so perhaps we
should worry about this first ;)
Michael
--
Michael Banck
Debian Developer
mbanck@debian.org
http://www.advogato.org/person/mbanck/diary.html
Reply to: