Date:      Tue, 18 Nov 2003 09:32:02 -0700 (MST)
From:      "M. Warner Losh" <imp@bsdimp.com>
To:        des@des.no
Cc:        colin.percival@wadham.ox.ac.uk
Subject:   Re: Secure updating of OS and ports
Message-ID:  <20031118.093202.131522893.imp@bsdimp.com>
In-Reply-To: <xzp7k1yxdev.fsf@dwp.des.no>
References:  <5.0.2.1.1.20031117165641.03101720@popserver.sfu.ca> <xzp7k1yxdev.fsf@dwp.des.no>

In message: <xzp7k1yxdev.fsf@dwp.des.no>
            des@des.no (Dag-Erling Smørgrav) writes:
: Colin Percival <colin.percival@wadham.ox.ac.uk> writes:
: > At 06:02 17/11/2003 -0800, Carol Overes wrote:
: > > I'm thinking of updating kernel and binaries with
: > > patches from ftp.freebsd.org which are signed with
: > > the PGP key of the security officers. However, this
: > > has to be hand-made patching. Does anyone know a
: > > secure way via for example cvsup ?
: >    CVSup is insecure.  FreeBSD Update might do what you want, but
: > you'd have to trust me. :)
:
: ...and three-hundred-odd FreeBSD developers.
:
: At some point you just have to stop doubting and start trusting.

cvsup is secure from everything except man in the middle or
redirection attacks.  When you run cvsup over an ssh-tunnel, you can
solve these problems if you trust the cvsup running on the localhost
you ssh to.

Warner


