Re: proposed release goal: DEBIAN/md5sums for all packages
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stefano Zacchiroli ha scritto:
> In an attempt to prevent drift to a well-known counter argument:
> DEBIAN/md5sums (used by debsums) are *not* intended as a mean to counter
> security attacks, since they can be easily altered.
If md5sums become part of the policy, then this brings me to an old idea
of mine.
Idea: we set up a database containing those md5sums , for all
packages/versions that pass thru the archive, and add a web interface to
that. This database then may be really used in forensic.
Example usage. Suppose that I find out that my PC has been hacked. I
then shut it down immediatly, and grab a live CD. I boot my PC using the
live CD, and have it connect to Internet. I then start a simple utility
(think of 'debsums --web --root'), that, for any package that is
installed in the OS in the PC, downloads the md5sum for that version
from the web interface, and goes checking; eventually leaving a list of
all files that did not check OK or that were found in /etc /usr /bin ...
and have no md5sum.
Of course this would give many false positives, (such as the aspell
hashes, as is discussed in a subthread ; and a lot of stuff in /etc);
but it would be useful to prune the majority of OK files out, and leave
a small subset for human forensic analysis.
a.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG0qHD9B/tjjP8QKQRAmJnAJ9oUWwME6Q8g6JrRt6bF4nk6HYIawCdG1hP
GRyBERL04/5Nz2/YmM16uts=
=M3m4
-----END PGP SIGNATURE-----
Reply to: