From owner-freebsd-security  Wed Oct  9 12:53:42 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1D8BD37B401; Wed,  9 Oct 2002 12:53:40 -0700 (PDT)
Received: from obsidian.sentex.ca (obsidian.sentex.ca [64.7.128.101])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2B7DA43E8A; Wed,  9 Oct 2002 12:53:37 -0700 (PDT)
	(envelope-from mike@sentex.net)
Received: from simian.sentex.net (pyroxene.sentex.ca [199.212.134.18])
	by obsidian.sentex.ca (8.12.6/8.12.6) with ESMTP id g99JrX8g051088;
	Wed, 9 Oct 2002 15:53:34 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <5.1.1.6.0.20021009154208.05e43d98@marble.sentex.ca>
X-Sender: mdtpop@marble.sentex.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
Date: Wed, 09 Oct 2002 15:54:27 -0400
To: Kris Kennaway <kris@FreeBSD.ORG>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: Am I downloading what I think I am (was Re: I doubt that
  this affects FreeBSD, but FYI
Cc: security@FreeBSD.ORG
In-Reply-To: <20021009193602.GG84472@xor.obsecurity.org>
References: <20021009193436.GF84472@xor.obsecurity.org>
 <A87611A0-DB29-11D6-8AF4-003065479A66@infospace.com>
 <4.3.2.7.2.20021008174734.029e9e00@localhost>
 <A87611A0-DB29-11D6-8AF4-003065479A66@infospace.com>
 <5.1.1.6.0.20021009130608.0655d7f8@marble.sentex.ca>
 <20021009193436.GF84472@xor.obsecurity.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: By Sentex Communications (obsidian/20020517)
X-Spam-Status: No, hits=-4.7 required=5.0
	tests=IN_REP_TO,REFERENCES,SPAM_PHRASE_00_01
	version=2.41
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 12:36 PM 09/10/2002 -0700, Kris Kennaway wrote:
>On Wed, Oct 09, 2002 at 01:13:51PM -0400, Mike Tancsa wrote:
>
> > One thing to note about MD5 sums, is that if someone broke into an ftp site
> > and uploaded a trojaned file, why not upload a new matching MD5 checksum
> > file as well ?
>
>MD5 sums distributed _with_ the binary are a guard against corruption

Hi,
         Sorry, I should have been more clear.  I was speaking more to the 
general issue of a user downloading both the binary and checksum from the 
same source as is / was the case with ftp.sendmail.org.

I really like how the ports work because they do add a bit of extra 
security.  Like you said, its not perfect, but it does help.  Actually, I 
am somewhat surprised there is not some more widely used mechanism.  e.g. 
for integrity checksums, why not have it on a totally separate server run 
on a totally separate network by totally separate admins.  data one place, 
checksum another.  This way to tamper with the package, you would need to 
compromise two different systems. A sort of checksum clearing house ?

         ---Mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message