From owner-freebsd-security  Wed Oct  9 12:36: 7 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 49EC137B401
	for <security@FreeBSD.ORG>; Wed,  9 Oct 2002 12:36:06 -0700 (PDT)
Received: from obsecurity.dyndns.org (adsl-64-165-226-88.dsl.lsan03.pacbell.net [64.165.226.88])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AE25843E65
	for <security@FreeBSD.ORG>; Wed,  9 Oct 2002 12:36:05 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 1D75166C7B; Wed,  9 Oct 2002 12:36:03 -0700 (PDT)
Date: Wed, 9 Oct 2002 12:36:02 -0700
From: Kris Kennaway <kris@freebsd.org>
Cc: Mike Tancsa <mike@sentex.net>,
	Erick Mechler <emechler@techometer.net>, security@FreeBSD.ORG
Subject: Re: Am I downloading what I think I am (was Re: I doubt that this affects FreeBSD, but FYI
Message-ID: <20021009193602.GG84472@xor.obsecurity.org>
References: <A87611A0-DB29-11D6-8AF4-003065479A66@infospace.com> <4.3.2.7.2.20021008174734.029e9e00@localhost> <A87611A0-DB29-11D6-8AF4-003065479A66@infospace.com> <5.1.1.6.0.20021009130608.0655d7f8@marble.sentex.ca> <20021009193436.GF84472@xor.obsecurity.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="DWg365Y4B18r8evw"
Content-Disposition: inline
In-Reply-To: <20021009193436.GF84472@xor.obsecurity.org>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--DWg365Y4B18r8evw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Wed, Oct 09, 2002 at 01:13:51PM -0400, Mike Tancsa wrote:

> One thing to note about MD5 sums, is that if someone broke into an ftp site
> and uploaded a trojaned file, why not upload a new matching MD5 checksum
> file as well ?

MD5 sums distributed _with_ the binary are a guard against corruption
during download, they are not a security mechanism.  _Externally_
distributed MD5 checksums (not obtained from the same source) are a
security mechanism (not a perfect one, but very good in practise) -
the md5 sums in the FreeBSD ports collection fall into this class,
which is why FreeBSD was never affected by this problem even if people
downloaded the trojaned distfile (unless they overrode the security
warning and shot their own foot off).

Kris


--DWg365Y4B18r8evw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE9pIUhWry0BWjoQKURAg+lAJ916S14OYtDB+qibhWNC6xLfN1cuwCeK5hk
QtpVYri194YNDsVykPu1ggU=
=EVwX
-----END PGP SIGNATURE-----

--DWg365Y4B18r8evw--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message