Subject: Re: little hacking project: bulk build checksums
To: None <tech-pkg@NetBSD.org>
From: Lasse Kliemann <email@example.com>
Date: 01/22/2005 18:29:17
* Hubert Feyrer writes:
> On Sat, 22 Jan 2005, Lasse Kliemann wrote:
> >>Verify (manually) that the binary pkgs are not modified.
> >Modified by whom?
> >He who can modify the binary packages can also modify the checksums,
> >unless you take extra precautions via file permissions and ownerships.
> >But then, you protect the binary packages against modification from the
> >start.
> >Or am I missing something?
> When the checksum files are digitally signed (PGP), changing them isn't=
Ok, so it is about protection against someone hacking into the ftp server or
manipulating files during transfer somehow.
> >What is the exact scenario that you have in mind?
> Do a bulk build, create checksum files, sign them, upload binary pkgs and
> signed checksum files to ftp.netbsd.org.
I see. I would include the creation of checksums into some extra script the=
(similar to what Jan proposed).
BTW, how about signing the binary packages themselves?
Does this make a difference regarding security?
private homepage: http://plastictree.net
NO software patents: http://swpat.ffii.org
do NOT use M$ products: http://plastictree.net/articles/noms
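
The workflow discussed in this message (create a checksum file after the bulk build, sign it, publish it next to the binary packages, and have the downloader check both) as shell functions. This is an added example, not code from the thread or from pkgsrc. It assumes GNU `sha256sum` and `gpg` are installed; the file names `SHA256` and `SHA256.asc` and the `*.tgz` package suffix are assumptions.

```shell
#!/bin/sh
# Added example; SHA256 / SHA256.asc are assumed file names, not pkgsrc's own.

# Build host: write one "digest  filename" line per binary package.
make_manifest() {
    ( cd "$1" && sha256sum -- *.tgz > SHA256 )
}

# Build host: detached, ASCII-armoured signature over the manifest only.
# Uses the default secret key of the invoking user.
sign_manifest() {
    gpg --armor --detach-sign --output "$1/SHA256.asc" "$1/SHA256"
}

# Downloader: the manifest is trusted only if its signature verifies
# against a key already present in the local keyring.
verify_signature() {
    gpg --verify "$1/SHA256.asc" "$1/SHA256"
}

# Downloader: every listed package must match its digest, and every
# package present must be listed (an unlisted file was never signed for).
verify_digests() {
    ( cd "$1" || exit 2
      sha256sum -c SHA256 > /dev/null || exit 1
      for f in *.tgz; do
          awk -v f="$f" '$2 == f { found = 1 } END { exit !found }' SHA256 || {
              echo "not in signed manifest: $f" >&2
              exit 1
          }
      done )
}

# Downloader: signature first, digests second. Checking digests against
# an unverified manifest only detects accidental corruption, because
# whoever can replace a package on the server can replace SHA256 too.
verify_packages() {
    verify_signature "$1" && verify_digests "$1"
}
```

One signature over the manifest covers every package, so the signing key is used once per bulk build. Signing each package individually gives the same integrity guarantee per file but does not by itself show that the set of files is complete.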