[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

On 09/21/2014 02:04 PM, Elmar Stellnberger wrote:
> a well programmed dpkg-cmp.
> ... and as long as the tool should not be available simply un-ar and
> compare
> the data.tar.gz-s.

fwiw, this suggestion fails to compare the contents of control.tar.gz,
which includes the maintainer scripts (preinst, postinst, etc).

If someone wanted to damage your system with a modified package,
modified preinst and postinst scripts would be much more effective (they
run as root, automatically upon package installation!) than just
tweaking a given binary.

i just wanted to point out that this theoretical dpkg-cmp is at least
slightly more complex than the above suggestion makes it out to be.

And of course there are many other tools already that use plain old cmp
or digest comparisons against .deb packages already, and thinking about
how to interoperate with existing infrastructure is important.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: