Reflections on Trusting Trust
aristeu
suporte at wahtec.com.br
Tue Nov 29 15:36:56 GMT 2005
I'm new here, and I've posted only once. I just want to add my "just another
user" opinion on this...
Signing security advisories that send the hashes for a file does a nice
job.
I think the only problem that exists is the package/ports deployment. I
believe we can't rely only on hashes for this (tar already does a fine job
on integrity...), because it can be easily circumvented. Maybe trusting this
is the real weakest link...
One thing that could do a good job is to install gnupg by default and pre-install
some important PGP public keys on ISO releases, in root's profile... These
pre-installed keys can be used by users, ports or pkg_tools, while
installing or updating packages/ports. Who will sign is another problem, but
I think it will improve things a bit anyway, minimising MITM attacks. My
mom used to say "always prefer the pre-installed pub keys...".
[]'s
aristeu