[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PPA security (was: Debian mirrors and MITM)

Hans-Christoph Steiner wrote:
> This could be approached another way.  There could be scripts in the
> packaging tools that mark a package if it does not run anything in any
> of the scripts that does not come from the packaging tools.  I think
> many many packages would qualify here, most packages do not touch the
> pre/post scripts, so the ones that are included are generated by
> debhelper or whatever.
> Then you could see whether a package is requesting to run its own
> scripts as root, and make the call there.  A package that does not add
> anything to those scripts would be pretty safe to install, at least.

There is a lot of code that is run by maintainer scripts that currently
has no reason to worry about the security of its inputs, which are
provided by files in the package. For this to work, it would all need to
be made secure. Retroactively adding such a security requirment is a
good way to end up playing security wack-a-mole for many years thereafter.

see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to: