From: David Schultz
To: Colin Percival
Cc: chat@FreeBSD.ORG, ultraviolet@epweb.co.za
Date: Sat, 21 Jun 2003 18:18:18 -0700
Subject: Re: Cryptographically enabled ports tree.

On Sat, Jun 21, 2003, Colin Percival wrote:
> At 19:54 21/06/2003 +0200, William Fletcher wrote:
> >One other thing while I'm at making a clown of myself.
> >
> >Wouldn't it be an absolute joke if someone rooted a redhat box on
> >your network, dns poisoned for cvsup.*.freebsd.org and promptly
> >found a way to create a cvsup-mirror on another machine
> >with modified source.
>
> I'm not sure I'd use the word "joke"... yes, that would definitely be a
> problem.
> Another security problem is FTP installs; sysinstall doesn't have any
> sort of signature verification built in, so anyone doing an FTP install
> could find themselves installing trojans. The only secure distribution,
> AFAIK, is the ISO image, because the MD5 sum of that is announced in a
> (signed) release announcement.

We already have MD5 checksums of each port, so all it takes is to
have so@ sign a MAC for the entire ports tree. Now doing
something more sophisticated and seamless would be a little bit
more effort...
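
The tree-wide check suggested in the message above, as an added example that is not part of the original thread or of FreeBSD's own code: it folds every per-port checksum file into one digest that could be published in a signed announcement and compared locally after a fetch. The `distinfo` file name, the sample ports and the use of SHA-256 for the tree digest are assumptions.

```python
import hashlib
import hmac
import os
import tempfile

CHECKSUM_FILE = "distinfo"  # per-port checksum file name (assumption)

def tree_digest(root):
    """Return one SHA-256 digest covering every per-port checksum file under root."""
    entries = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if CHECKSUM_FILE in filenames:
            path = os.path.join(dirpath, CHECKSUM_FILE)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if "\n" in rel:
                raise ValueError("newline in path would make the manifest ambiguous")
            with open(path, "rb") as f:
                entries.append((rel, hashlib.sha256(f.read()).hexdigest()))
    # Sort so the digest does not depend on directory traversal order.
    manifest = "".join(f"{h}  {p}\n" for p, h in sorted(entries))
    return hashlib.sha256(manifest.encode()).hexdigest()

def verify_tree(root, trusted_digest):
    """Compare the local tree against a digest taken from a signed announcement."""
    return hmac.compare_digest(tree_digest(root), trusted_digest)

def write_port(root, port, md5_line):
    """Create a constructed port directory holding one checksum line."""
    os.makedirs(os.path.join(root, port), exist_ok=True)
    with open(os.path.join(root, port, CHECKSUM_FILE), "w") as f:
        f.write(md5_line + "\n")

def demo():
    """Constructed two-port tree: verify it, alter a checksum, then add a port."""
    with tempfile.TemporaryDirectory() as root:
        write_port(root, "security/foo", "MD5 (foo-1.0.tar.gz) = " + "a" * 32)
        write_port(root, "net/bar", "MD5 (bar-2.1.tar.gz) = " + "b" * 32)
        trusted = tree_digest(root)  # stands in for the signed, published value
        clean = verify_tree(root, trusted)
        write_port(root, "net/bar", "MD5 (bar-2.1.tar.gz) = " + "c" * 32)
        altered = verify_tree(root, trusted)
        write_port(root, "net/bar", "MD5 (bar-2.1.tar.gz) = " + "b" * 32)
        write_port(root, "net/extra", "MD5 (extra-0.1.tar.gz) = " + "d" * 32)
        extra = verify_tree(root, trusted)
        return clean, altered, extra

if __name__ == "__main__":
    print(demo())
```

The digest only helps if the trusted value arrives over a channel the mirror cannot alter, which is why the signature on the announcement still has to be checked separately.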