[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sum proposal

Hi,
>>"Goswin" == Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de> writes:

 Goswin> Anthony Towns <aj@azure.humbug.org.au> writes:

 >> Taking an md5sum of the control.tgz and data.tgz components as a whole
 >> and signing these would be somewhat more `secure' and certainly no
 >> more difficult.

 Goswin> Yep. Saying that xxx has no sum doesn't hold, since it could allways
 Goswin> be include. :)

        So we agree on package integrity: md5sum files are tno the
 answer here.

 >> > 3. After configuration new md5sums can be generated and signed (for
 >> >    security)
 >> 
 >> This also has more complicated issues than just generating md5sums (find
 >> | xargs will do that for you). In particular making sure your list of
 >> md5sums isn't equally vulnerable as your main system is difficult. Signing
 >> them in any useful way requires keeping your private key on removable
 >> media, (or on a separate secured/firewalled/somethinged computer).

        You mean you do not keep your private key on a removable media
 on a non-networked computer? Why are you worrying about security at
 all then?

 >> Other options are keeping your md5sums on removable media, or
 >> write-once media, like CD-R or printing them out in a manner
 >> that's verifiable by hand [0].

 >> For system recovery purposes, though -- and seeing what you have to
 >> reinstall, or what you munged when you did a make install as root when
 >> you shouldn't have, or whatever, .md5sums don't seem all that bad to me.

 Goswin> Thats the main use for it, as I see it. But not only for recovery, but 
 Goswin> also for backup. You only need to backup files that have a different
 Goswin> md5sum compared to the deb files on CD.

        Why only .deb files? And the md5sums included in packages can
 not accomodate conf files in /etc legitimately changed by the
 sysadmin.

        If this is the onl;y legitimate use of the sums files, why
 bloat the packaging mechanism with them? Why not work on a program
 that is flexible enough to look at any and all files on the system,
 as directed by the user.

        I figure we need a program that
 a) Takes a list of dir tree roots to consider (so I can add
    /usr/local/etc or /home/srivasta/Backups
 b) Applies exclusion reg expressions to the files in the tree
 c) Applies inclusion regexps (optionally) to the files excluded
 d) Looks at targets of links
 e) looks at uid and gid of files
 f) looks at md5sums of files
 g) creates its databse under a single dir, so it may be mounted on
    removeable media (like a CD-RW or zip/jazz drive)

        manoj
-- 
 Griffin's Thought: When you starve with a tiger, the tiger starves
 last.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
Reply to: