From owner-freebsd-security@FreeBSD.ORG Mon Apr 14 05:36:31 2014
Date: Mon, 14 Apr 2014 00:36:28 -0500
From: David Noel
Reply-To: David.I.Noel@gmail.com
To: Ian Smith
Cc: Lowell Gilbert, freebsd-security@freebsd.org
Subject: Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]
In-Reply-To: <20140414144155.C55844@sola.nimnet.asn.au>
References: <53472B7F.5090001@FreeBSD.org> <53483074.1050100@delphij.net> <44bnw5uwmm.fsf@lowell-desk.lan> <20140414144155.C55844@sola.nimnet.asn.au>

> Indeed it is not. David's solution - which seems to amount to removing
> portsnap and herding the cats at home to DTRT about using svn securely -
> relies on other cats being as smart and aware of the ramifications as he
> is - a highly questionable proposition especially for the numerous more
> naive users that portsnap renders the process of securely upgrading the
> ports tree just about as simple and consistent as it can be.

On the one hand I do get what you're saying. On the other I don't know that you're fairly characterizing the typical portsnap user. Building ports from source is not something I would think a novice FreeBSD user would do (make can be--and often is--an absolute nightmare!). Rather, I would imagine a novice would be using something like pkgng.

> David, perhaps your obvious talent for auditing the portsnap code and
> its server-side configuration might be better applied to remedying any
> perceived vulnerabilities in conjunction with present and past security
> officers and teams?

Thanks. I'm happy to, and it's on my to-do list; the only problem is that I'm swamped with other projects and it's been sitting on that list for the past 2 years. It seems to be a similar problem for Colin and the Security Team. I'm hoping that by bringing this bug to the list, someone with more free time will be able to patch it.

-David