[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt 0.6 and how it does *not* solve the problem

On Mon, 23 Aug 2004 14:46, Bron Gondwana <brong@brong.net> wrote:
> > Removing developers who don't meet certain criteria (EG no package
> > uploads for 6 months) from active status makes a lot of sense.  Anyone
> > care to propose a GR?
> This doesn't work.  The problem is basically:
> a) what about a package which they uploaded while valid, more than 6 months
> ago, that someone wants to download and install now.

That package doesn't matter, if they don't have active status then the Debian 
server machines won't accept it.

> b) if by date, what's to stop someone backdating a package and falsifying a
>    mirror/proxy with a copy of their package.  The signature will still
> check out.

Because they can't go back in time and get the Debian server to accept the 

> If you wanted to implement this the only safe way to do it and have the
> original packages by ex-developers still installable is to have a central
> daemon check the signature and co-sign the fact that they checked the
> signature at a certain date (upload date) and that it was valid as of that
> time.

Isn't the entire point of apt security extensions to make sure that the 
packages can only be accepted if they come from the Debian server not another 
server that impersonates it?

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: