lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111001192438.GA22938@kroah.com>
Date:	Sat, 1 Oct 2011 12:24:38 -0700
From:	Greg KH <greg@...ah.com>
To:	Willy Tarreau <w@....eu>
Cc:	Andy <akwatts@...il.com>, schwab@...ux-m68k.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: kernel.org status: hints on how to check your machine for
 intrusion

On Sat, Oct 01, 2011 at 09:06:12PM +0200, Willy Tarreau wrote:
> On Sat, Oct 01, 2011 at 01:40:44PM -0500, Andy wrote:
> > On Sat, Oct 01, 2011 at 07:54:56PM +0200, Willy Tarreau wrote:
> > >   $ git config tar.umask 022
> > 
> > Andreas/Willy:
> > 
> > It was indeed umask which was skewing the results. Thanks.
> > 
> > Now, I'll wait for Willy's hashes since I can't drill down on
> > Linus' 2.6 tree beyond 2.6.x.
> 
> OK I'm attaching two files, one computed with the initial 002 perms and
> a second one with the new 022 perms. I don't precisely know when the perms
> changed, hence the two files. I noticed that 2.6.25 was still 002, and that
> 2.6.32 was 022. In between I don't know. Note that I'm missing some tags
> (at least 2.6.35.12 and a few 2.6.33.x and 2.6.34.x).
> 
> The file is formated to be easily used with "md5sum -c" that dirty way
> (once hashes are split/joined at the location where the umask changed) :
> 
>   cd /path/to/mirror/2.6
>   cp linux-*.tar.gz /tmp
>   cd /tmp
>   gunzip linux-*.tar.gz
>   md5sum -c expected-hashes.md5
> 
> It would be nice if someone with an access to a mirror could check the
> perms of *every* tarball so that we can establish the definitive list
> of signatures. I'm pretty sure the umask history is not linear. For
> instance, I'm pretty sure I did not change the umask in my config when
> releasing 2.6.27.x kernels and it seems like Greg did not do this either
> so we have 2.6.27 022 and 2.6.27.x 002. Something like this might do it
> (untested) :
> 
>   for i in linux-*.tar.gz; do
>     set -- $(tar tvf $i|head -1)
>     [ "$1" == "drwxrwxr-x" ] && echo "$i 002" || echo "$i 022"
>   done
> 
> Hoping this helps a bit.

Very nice, thanks so much for providing an independant verification of
the tarballs, it is much appreciated.

And yes, the umask problem did trip us up when we did the initial
verification as well, fun to see that you all figured out and solved the
problem faster than I did :)

thanks again,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ