Re: Reflections on Trusting Trust
From: aristeu (suporte_at_wahtec.com.br)
Date: 11/29/05
- Previous message: Robert Watson: "Re: Reflections on Trusting Trust"
- Maybe in reply to: Peter Jeremy: "Reflections on Trusting Trust"
- Next in thread: Peter Jeremy: "Re: Reflections on Trusting Trust"
- Reply: Peter Jeremy: "Re: Reflections on Trusting Trust"
- Reply: Kris Kennaway: "Re: Reflections on Trusting Trust"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <freebsd-security@freebsd.org> Date: Tue, 29 Nov 2005 13:36:31 -0200
I'm new here, and I've posted only once. I just want to add my "just another
user" opinion on this...
Signing security advisories that send the hashes for a file does a nice
job.
I think the only problem that exists is the package/ports deployment. I
believe we can't trust only hashes for this (tar already does a fine job
on integrity...), because it can be easily circumvented. Maybe trusting this
is the real weakest link...
One thing that could do a good job is installing gnupg by default and
pre-installing some important pgp public keys on ISO releases, in root's
profile... These pre-installed keys can be used by users, ports or pkg_tools
while installing or updating packages/ports. Who will sign is another
problem, but I think it will improve things a bit anyway, minimising mitm
attacks. My mom used to say "always prefer the pre-installed pub keys...".
[]'s
aristeu
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
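The flow proposed in the post above, as an added example that is not part of the original message or of FreeBSD's tooling: a release public key treated as "pre-installed", a signed manifest of package hashes, and a check showing why a hash list alone does not survive a swap in transit while the pinned-key signature does. It assumes openssl and sha256sum are available; every key, file name and package below is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post. Simulates: a release public key
# shipped with the system ("pinned"), a signed MANIFEST of package hashes, and
# a verifier that rejects a package swapped and re-hashed in transit.
# Assumes openssl and sha256sum; all paths, keys and packages are constructed.
set -eu
WORK=$(mktemp -d)

# Release side (done once): signing key; only its public half ships on the ISO.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
  -out "$WORK/release.key" 2>/dev/null
openssl pkey -in "$WORK/release.key" -pubout -out "$WORK/pinned.pub"

# Build a package, record its hash in MANIFEST, sign MANIFEST with the release key.
mkdir "$WORK/good"
printf 'genuine package v1\n' > "$WORK/good/foo-1.0.tgz"
( cd "$WORK/good" && sha256sum foo-1.0.tgz > MANIFEST )
openssl dgst -sha256 -sign "$WORK/release.key" \
  -out "$WORK/good/MANIFEST.sig" "$WORK/good/MANIFEST"

# verify_pkg DIR PUBKEY: returns 0 only if MANIFEST's signature checks against
# the pinned key AND the package hash matches its MANIFEST entry.
verify_pkg() {
  openssl dgst -sha256 -verify "$2" -signature "$1/MANIFEST.sig" \
    "$1/MANIFEST" >/dev/null 2>&1 || return 1
  ( cd "$1" && sha256sum -c MANIFEST ) >/dev/null 2>&1 || return 1
}

# Tampered copy 1: package swapped and hash list regenerated. A hash-only
# client accepts this (hashes match); the signature over MANIFEST no longer does.
cp -R "$WORK/good" "$WORK/tamper1"
printf 'modified package\n' > "$WORK/tamper1/foo-1.0.tgz"
( cd "$WORK/tamper1" && sha256sum foo-1.0.tgz > MANIFEST )

# Tampered copy 2: as above, plus a fresh signature from some other key.
# Without a pinned key the client has no way to prefer one signer over another.
cp -R "$WORK/tamper1" "$WORK/tamper2"
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
  -out "$WORK/other.key" 2>/dev/null
openssl dgst -sha256 -sign "$WORK/other.key" \
  -out "$WORK/tamper2/MANIFEST.sig" "$WORK/tamper2/MANIFEST"

for d in good tamper1 tamper2; do
  if verify_pkg "$WORK/$d" "$WORK/pinned.pub"; then echo "$d: OK"
  else echo "$d: REJECTED"; fi
done
```

Only "good" is accepted; both tampered copies pass the sha256sum check yet fail the signature check against the pinned key.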