Date: Tue, 11 Feb 2014 08:26:09 +0100 From: "C. P. Ghost" <cpghost@cordula.ws> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Verifying a subversion checkout Message-ID: <CADGWnjUgW%2BORTn=aRE4R-i3NA-1EQS6Oq%2BkXG9vVb_trHwy9vA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello, is there a way to automatically verify that the checkout of a random subversion revision of /usr/src hasn't been tampered with? I'm worried about the possibility of 1/ an MitM attack while fetching the sources 2/ changes to the local /usr/src for whatever reasons 2/ isn't so critical; there's always the possibility to check them from another machine, provided checksums were created immediately after the svn update. It's 1/ that's bothering me. Or, asked differently, does SVN protocol support some kind of authentication that thwarts man-in-the-middle attacks? Of course, at release points, we always have checksums for the ISO images. That's security-wise the only point where I'm sure that I'm running from genuine sources. It's what's in-between releases that I'm asking about. Thanks, -cpghost. -- Cordula's Web. http://www.cordula.ws/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADGWnjUgW%2BORTn=aRE4R-i3NA-1EQS6Oq%2BkXG9vVb_trHwy9vA>