Date: Thu, 15 Mar 2001 09:27:07 -0800 From: Brooks Davis <brooks@one-eyed-alien.net> To: Terry Lambert <tlambert@primenet.com> Cc: Peter Pentchev <roam@orbitel.bg>, freebsd-arch@FreeBSD.ORG Subject: Re: [PATCH] add a SITE MD5 command to ftpd Message-ID: <20010315092707.C30551@Odin.AC.HMC.Edu> In-Reply-To: <200103150439.VAA01217@usr05.primenet.com>; from tlambert@primenet.com on Thu, Mar 15, 2001 at 04:39:09AM %2B0000 References: <20010314161555.A4984@Odin.AC.HMC.Edu> <200103150439.VAA01217@usr05.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--f0KYrhQ4vYSV2aJu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 15, 2001 at 04:39:09AM +0000, Terry Lambert wrote: > > I'm frankly, completly mystified by the various comments about this not > > being a security feature. Of course it's not. That's blindly obvious. >=20 > I've always taken it as a security feature. I have to override > the enforcement for a number of ports, and the only ill effects > I have seen is that ...I have to override the enforcement for a > number of ports. We miscommunicated here. The MD5 checksums in the ports tree are for security, but this change doens't impact that except that it could stop you from downloading files that didn't match the one in the port or allow you to download files which had changed (resulting in a portrevision bump) but which you had in your /usr/ports/distfiles directory. I think the problem is that everyone associates MD5 with security, when we all know (when we think about it enough, anyway) that MD5 checksums just that and have not inate security function. > I really haven't thought about it from a "validation" persepective > before this thread, since bad code in one spot is going to be > mirrored everywhere, and so is a version number change with a > deletion of the old version. In my personal experience, the code > that fails the MD5 isn't grabbed from a different server in hopes > of getting a copy that doesn't fail the MD5, so I'm just as > screwed as if it weren't there. With this change, I'd actually expect that if a server gave an MD5 that wasn't the one we wanted and we had another choice we'd go get it from there. > The whole idea of HTTP protection like this is pretty inane, since > we've all already agreed, I think, that it's really only useful > for mirroring, or for offloading an MD5 calculation from my 800MHz > Pentium III laptop onto a big, ballsy 66MHz 486 FTP server. We definatly don't want people doing it randomly, but I think it's a sufficently useful idea within it's limited realm to at least give it a shot. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --f0KYrhQ4vYSV2aJu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6sPtqXY6L6fI4GtQRAqaLAKDHdTt9AdakORe5wpSU6aiD1voRtACfV9AL 47bJwa1ahn0Zb12bDVy6jmk= =ztB+ -----END PGP SIGNATURE----- --f0KYrhQ4vYSV2aJu-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010315092707.C30551>