gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] signed archives and key management

From: Colin Walters
Subject: Re: [Gnu-arch-users] signed archives and key management
Date: Wed, 21 Jan 2004 21:29:13 -0500 
On Tue, 2004-01-20 at 21:37, James Blackwell wrote:

> Bad:
> 
> 1. Given out accounts to people that have arch archives
> 2. Not set up an intrusion detection system.
> 3. Not firewalled off snmpd yet (needed for mrtg)

You might want to try SELinux by the way.  I wrote some policy for
people committing to an arch archive.  It's running on rhythmbox.org
now.

> 3. If we put me back into the bad guy role, I don't get anywhere. If I
> use my key, then when people figure out archives have been cracked, then
> the police have my (well signed key) as evidence to track me down.

Right...but if you manage to compromise a revision without anyone
noticing, it wouldn't be that hard to insert some code in there to mail
you the developer's private GPG keys.  Then you replace that revision
with the original, and you can compromise the source code however you
want, since you have the developer keys.  Your tracks would be covered.

The only way to prevent this sort of attack is to limit the public keys
you verify against in the first place.

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to
[Prev in Thread] Current Thread [Next in Thread]