Re: defence against the dark arts
On Sat, Dec 06, 2003 at 10:13:20AM -0500, hendrik@pooq.com wrote:
> I've occasionally wondered about upgrading from servers, which may
> have been compromised... What if the package-upgrader had an option
> to wait a week after downloading to actually perform the upgrade? Then
> there would be an opportunity to cancel the upgrade in case news of
> compromise got out. Of course, it would not help against undetected
> compromises...
You could do that yourself with some scripts.
(1) Switch to a sources.list that includes the "real servers."
(2) apt-get update; apt-get upgrade --download-only
(3) Move the .debs from /var/cache/apt/archives to a quarantine dir
(4) ls quarantine > $THE_DATE.list
Then, in a cron job or something, rotate the files into your local
apt-archive; run dpkg-scanpackages to update your archive, switch to a
sources.list that just has the local mirror, apt-get update; and apt-get
upgrade.
I should probably write something like this for myself.
Is it possible to have two different sets of sources.list and tell the
tools which to use, so I wouldn't have to switch?
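The four steps and the cron-side rotation above, written out as a script. This is an added example, not the poster's own script. It assumes (my choices, not the thread's) two sources.list files, `/etc/apt/sources.list.upstream` with the real mirrors and `/etc/apt/sources.list.local` with only the local archive, a quarantine root under `/var/local/apt-quarantine`, a flat local archive under `/var/local/apt-archive/debs` that the local list reaches with `deb file:/var/local/apt-archive debs/`, and GNU coreutils for `date -d` and `mv -t`. It also answers the closing question: apt accepts `-o Dir::Etc::SourceList=<file>`, so the two lists can be selected per invocation without swapping files. Cancelling a batch (the point of the waiting period) is done by touching a `HOLD` file in its dated quarantine directory; the selection logic takes the cutoff date as an argument so it can be exercised without the clock or apt.

```shell
#!/bin/sh
# Quarantine-then-release wrapper around apt-get (added example, not from the thread).
# Paths below are assumptions; override them in the environment if yours differ.
set -eu

UPSTREAM_LIST=${UPSTREAM_LIST:-/etc/apt/sources.list.upstream}  # the "real servers"
LOCAL_LIST=${LOCAL_LIST:-/etc/apt/sources.list.local}            # only the local mirror
QUARANTINE=${QUARANTINE:-/var/local/apt-quarantine}              # dated holding dirs
ARCHIVE=${ARCHIVE:-/var/local/apt-archive}                       # local apt archive root
HOLD_DAYS=${HOLD_DAYS:-7}                                        # waiting period in days

# Steps (1)-(4) of the post: update against upstream, download only, park the .debs
# in a dated quarantine directory and write a listing next to it.
fetch_to_quarantine() {
    stamp=$(date +%Y%m%d)
    dest="$QUARANTINE/$stamp"
    mkdir -p "$dest"
    apt-get -o Dir::Etc::SourceList="$UPSTREAM_LIST" update
    apt-get -o Dir::Etc::SourceList="$UPSTREAM_LIST" -y --download-only upgrade
    find /var/cache/apt/archives -maxdepth 1 -name '*.deb' -exec mv -t "$dest" {} +
    ls "$dest" > "$QUARANTINE/$stamp.list"
}

# Selection logic, kept free of side effects: print the quarantine stamps that are due.
# A batch is due when its YYYYMMDD stamp is <= the cutoff stamp and it carries no HOLD
# marker (touch "$QUARANTINE/<stamp>/HOLD" to cancel a batch after bad news about a mirror).
# Stamps are plain integers, so -le gives the right date ordering.
due_batches() {
    root=$1
    cutoff=$2
    for d in "$root"/[0-9]*/; do
        [ -d "$d" ] || continue
        stamp=$(basename "$d")
        case $stamp in *[!0-9]*) continue ;; esac   # skip anything not a pure date stamp
        [ -e "$d/HOLD" ] && continue
        [ "$stamp" -le "$cutoff" ] && printf '%s\n' "$stamp"
    done
    return 0
}

# The cron side of the post: move due batches into the local archive, rebuild the
# Packages index with dpkg-scanpackages, then update and upgrade from the local list only.
release_due() {
    cutoff=$(date -d "$HOLD_DAYS days ago" +%Y%m%d)
    mkdir -p "$ARCHIVE/debs"
    for stamp in $(due_batches "$QUARANTINE" "$cutoff"); do
        for deb in "$QUARANTINE/$stamp"/*.deb; do
            [ -e "$deb" ] && mv "$deb" "$ARCHIVE/debs/"
        done
        rm -rf "$QUARANTINE/$stamp"
    done
    # Filename fields come out as debs/<pkg>.deb, relative to $ARCHIVE, which matches a
    # flat "deb file:$ARCHIVE debs/" line in the local sources.list.
    (cd "$ARCHIVE" && dpkg-scanpackages debs /dev/null | gzip -9c > debs/Packages.gz)
    apt-get -o Dir::Etc::SourceList="$LOCAL_LIST" update
    apt-get -o Dir::Etc::SourceList="$LOCAL_LIST" upgrade
}

# Usage: run "fetch" as often as you like, "release" from cron once a day.
case ${1:-} in
    fetch)   fetch_to_quarantine ;;
    release) release_due ;;
esac
```

Because `fetch` and `release` talk to different source lists, the machine never has the upstream mirrors enabled while it installs anything; only packages that have sat in quarantine for `HOLD_DAYS` without a `HOLD` marker ever reach the archive apt installs from.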