From owner-freebsd-pkg@freebsd.org Mon Apr 18 11:00:59 2016 Return-Path: Delivered-To: freebsd-pkg@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AAE6AAEE167 for ; Mon, 18 Apr 2016 11:00:59 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3832D18C4 for ; Mon, 18 Apr 2016 11:00:58 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [85.199.232.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 347D611B2B; Mon, 18 Apr 2016 11:00:53 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/347D611B2B; dkim=none; dkim-atps=neutral Subject: Re: Intrusion Detection using pkg? To: Vsevolod Stakhov , freebsd-pkg@freebsd.org References: <5714BA56.50704@highsecure.ru> From: Matthew Seaman Message-ID: <5714BE83.1060909@FreeBSD.org> Date: Mon, 18 Apr 2016 12:01:23 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.7.0 MIME-Version: 1.0 In-Reply-To: <5714BA56.50704@highsecure.ru> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="e2uI841a4XCXr9hQs1Kkn6Qk0KRqLtKxS" X-Virus-Scanned: clamav-milter 0.99.1 at smtp.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-0.4 required=5.0 tests=BAYES_00,RDNS_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Apr 2016 11:00:59 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --e2uI841a4XCXr9hQs1Kkn6Qk0KRqLtKxS Content-Type: multipart/mixed; boundary="FQdHS3W1c6IwwnGdVbUFak8vkFVg6BpSj" From: Matthew Seaman To: Vsevolod Stakhov , freebsd-pkg@freebsd.org Message-ID: <5714BE83.1060909@FreeBSD.org> Subject: Re: Intrusion Detection using pkg? References: <5714BA56.50704@highsecure.ru> In-Reply-To: <5714BA56.50704@highsecure.ru> --FQdHS3W1c6IwwnGdVbUFak8vkFVg6BpSj Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2016/04/18 11:43, Vsevolod Stakhov wrote: > I don't like this idea: if an attacker has enough power to modify files= > on FS why he or she cannot do the same for checksums in pkg database? W= e > need digital signatures and password protected private key. Then a user= > can type something like: Uh, yes. That's pretty much exactly what I'm suggesting. > pkg sign <- enter private key password >=20 > followed by: >=20 > pkg sign --check to verify the existing checksums This user interface would work for me. > Unfortunately, after years of useless discussion we have no sane > signatures scheme in pkg, and I have no desire to continue these > discussions I'm afraid. I believe the current package signature stuff serves its purpose, which is to verify that the package tarball in question originated from an identified and trusted source and hasn't subsequently been tampered with. Which is fine, but there's a definite use-case for going further..= =2E Cheers, Matthew --FQdHS3W1c6IwwnGdVbUFak8vkFVg6BpSj-- --e2uI841a4XCXr9hQs1Kkn6Qk0KRqLtKxS Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJXFL6KXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnhPIQAJZDhMXzemsYxCdxxX2aaN1+ aeMjWCZIYi9VNM7FZ/8jmjwdP+4kVhKd4A+QFmSa3OUb6OdzNaqGeOZaXrhJfaWA pLU4BTYA559A932ja00+6fWN6s0S4QkiFuCKdQrKrm55wovTg90RFs64ZfvXRNUQ +fybFbp5s+q3IWHQK+r45tatwFZsaOe/57NgYOd/K9Od61q6iOrOx3mVPqwgAR8/ 5cXJiKbqVXMCsIFZ2bNtjbihrD438XsvfZ2GnjGmCCpg9pE4WgwxEQhMJaUo7gaK DVD37hHdMhDv8C9YhY2ciF+Dv2Yzd327Y4M3wBJGdfykitqzddsE96dqYu0fb/4e jw2cXsIONAh34KkqCSR/veR9mtQMSfZkLqSdtDsBZLfWN/oypj8UB7tUd7FKbnRS 8fSeiXZGW1xJlRXRywk7Q47Zlql3YnPw+VcaLcWE3gRdF2EbrptYxqb/Qx0felL/ 5P/7SOoAuystvFIjZAhQiR6l0HaBEg2MjBkfQRcTEBh40WnO3qBmB+FvMNCJ6Pe9 305SvQPSeH//L0UFL/zpCjMojYEmbf3hbO7DxCNWDgwRd0gGljKHinxsuYM7LDc9 SOijRIKSIkq5sOt9Vh1QH+YMj0bY14kNGDzfofkE0uXbMGqdrcjqPyZzAkNXIA9g nq062tVNMQNRe9Bq4Wfs =wLgh -----END PGP SIGNATURE----- --e2uI841a4XCXr9hQs1Kkn6Qk0KRqLtKxS--