Date: Sun, 18 Nov 2012 09:45:41 +0100 From: "Andrej (Andy) Brodnik" <andrej@brodnik.org> To: freebsd-security@freebsd.org Subject: Re: Recent security announcement and csup/cvsup? Message-ID: <50A8A035.3030304@brodnik.org> In-Reply-To: <20121117234248.GB11298@redundancy.redundancy.org> References: <20121117150556.GE24320@in-addr.com> <20121117234248.GB11298@redundancy.redundancy.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I agree, but there is signature system, which with addition of appropriate SW (e.g. built in in ports fetch/update/ ...) provides the required security. LPA Dne 11/18/12 12:42 AM, piše David Thiel: > On Sat, Nov 17, 2012 at 10:05:33AM -0500, Gary Palmer wrote: >> Can someone explain why the cvsup/csup infrastructure is considered insecure >> if the person had access to the *package* building cluster? Is it because >> the leaked key also had access to something in the chain that goes to cvsup, >> or is it because the project is not auditing the cvsup system and so the >> default assumption is that it cannot be trusted to not be compromised? > Regardless of the circumstances of the incident, use of cvsup/csup has > always been horrendously dangerous. People should regard any code > retrieved over this channel to have been potentially compromised by a > network attacker. > > Portsnap. Srsly. > > -David > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50A8A035.3030304>