lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4EA672D9.106@zytor.com>
Date:	Tue, 25 Oct 2011 10:27:05 +0200
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Kyle Moffett <kyle@...fetthome.net>
CC:	Greg KH <greg@...ah.com>,
	Jari Ruusu <jariruusu@...rs.sourceforge.net>,
	linux-kernel@...r.kernel.org
Subject: Re: kernel.org tarball/patch signature files

On 10/25/2011 06:31 AM, Kyle Moffett wrote:
> 
> Unfortunately, while there are "pristine-gz" and "pristine-bz2" tools,
> there has not yet been developed a "pristine-xz" tool:
>   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499489
> 
> So it's not yet reasonably possible for the kernel.org archive, but
> sometime in the future it might become so.
> 

There are a lot of strong reasons to NOT do so, however.

Any time we have something signed by a developer, we have something that
is precious and cannot be replicated by kernel.org staff.

Any time we have something signed by a robot, we have something that
people *will* misinterpret as having security properties that they don't
-- this has unfortunately been amply shown.

Compression formats evolve over time; right now we're concerned with gz,
bz2, and xz, but xz is brand new here and there may very well be new
things in the future.

It would be a very good thing for people to develop tools to run
compressors and decompressors in locked-down boxes.  It should be
possible to run these kinds of programs without access to either network
or filesystem; only read from stdin and out on stdout (and presumably
stderr for errors.)  This would solve problems for much more than just
kernel.org.

	-hpa

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ