Date: Tue, 11 Jan 2000 11:58:28 -0800 (PST)
From: Kris Kennaway <kris@hub.freebsd.org>
To: security@freebsd.org
Subject: Warning: insecurity of ctm
Message-ID: <Pine.BSF.4.21.0001111153330.95142-100000@hub.freebsd.org>
I've recently added the following warning to the ctm(1) and ctm_rmail(1) manpages:

--------
SECURITY
     CTM is an INSECURE PROTOCOL - there is no authentication performed that the changes applied to the source code were sent by a trusted party, and so care should be taken if the CTM deltas are obtained via an unauthenticated medium such as email. It is a relatively simple matter for an attacker to forge a CTM delta to replace or precede the legitimate one and insert malicious code into your source tree. If the legitimate delta is somehow prevented from arriving, this will go unnoticed until a later delta attempts to touch the same file, at which point the MD5 checksum will fail.

     A future version of FreeBSD may solve this problem by authenticating CTM deltas using cryptographic signatures, but in the meantime it is strongly recommended that you obtain the CTM deltas via FTP, and not via email.
--------

Everyone who uses CTM should be aware of the implications of this.

Kris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001111153330.95142-100000>
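The failure mode the warning describes, replayed as an added example (this is not CTM's own code or its real delta format; the toy one-line-replace delta, the sample file, the path and the HMAC key are invented for the illustration). Each toy delta records the MD5 of the file it expects to produce, which is the only integrity check the unauthenticated stream has. A forged delta 1 arrives first and takes the legitimate delta's slot, so the real delta 1 is discarded as out of sequence; the tree silently carries the attacker's line until legitimate delta 2 touches the same file and its MD5 no longer matches. The same feed with an HMAC on every delta (a stand-in for the cryptographic signatures the warning anticipates) rejects the forgery before it touches the tree:

```python
"""Toy unauthenticated delta stream modelling the ctm(1) warning.

Added example, not CTM's code or format.  The only CTM property modelled is
that a delta carries the MD5 of the file it expects to produce and nothing
that proves who sent it.  FEED_KEY, PATH and the file lines are invented.
"""
import hashlib
import hmac

FEED_KEY = b"example-feed-key"   # assumed: known to the legitimate sender only
PATH = "sys/kern/example.c"      # constructed sample path


def md5hex(lines):
    return hashlib.md5("\n".join(lines).encode()).hexdigest()


def canonical(d):
    """Bytes covered by the authenticator: every field an applier acts on."""
    return f"{d['seq']}|{d['path']}|{d['line']}|{d['text']}|{d['md5']}".encode()


def make_delta(seq, path, base_lines, line_no, new_text, key=None):
    """Delta replacing one line of `path`, recording the MD5 of the result.
    With `key`, it also carries an HMAC-SHA256 (stand-in for a signature)."""
    result = list(base_lines)
    result[line_no] = new_text
    d = {"seq": seq, "path": path, "line": line_no, "text": new_text,
         "md5": md5hex(result)}
    if key is not None:
        d["mac"] = hmac.new(key, canonical(d), hashlib.sha256).hexdigest()
    return d


def apply_delta(state, d, key=None):
    """Apply one delta to state = {"seq": last_seq, "tree": {path: lines}}.
    Returns a status string.  With key=None this is the insecure behaviour:
    only sequence order and the post-patch MD5 are checked, and anyone who
    can read the public tree can produce a delta whose MD5 matches."""
    if key is not None:
        want = hmac.new(key, canonical(d), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(d.get("mac", ""), want):
            return "rejected: bad authenticator"
    if d["seq"] != state["seq"] + 1:
        return "rejected: out of sequence"
    lines = list(state["tree"][d["path"]])
    lines[d["line"]] = d["text"]
    if md5hex(lines) != d["md5"]:
        return "rejected: MD5 mismatch"
    state["tree"][d["path"]] = lines
    state["seq"] = d["seq"]
    return "applied"


def run_feed(authenticated):
    """Replay the attack: forged delta 1 arrives first, the real delta 1
    follows, then legitimate delta 2 touches the same file."""
    key = FEED_KEY if authenticated else None
    base = ["int main(void) {", "    return 0;", "}"]
    state = {"seq": 0, "tree": {PATH: list(base)}}
    # The sender builds delta 2 on top of what delta 1 should have produced.
    legit1 = make_delta(1, PATH, base, 1, "    return setup();", key)
    after1 = list(base)
    after1[1] = "    return setup();"
    legit2 = make_delta(2, PATH, after1, 0, "int main(int argc, char **argv) {", key)
    # The attacker has the public tree, so the forged MD5 is self-consistent;
    # without the key the forgery cannot carry a valid authenticator.
    forged = make_delta(1, PATH, base, 1, '    system("/bin/sh");')
    log = [apply_delta(state, d, key) for d in (forged, legit1, legit2)]
    return state["tree"][PATH], log


if __name__ == "__main__":
    for mode in (False, True):
        tree, log = run_feed(mode)
        print("authenticated" if mode else "insecure", log)
        print("\n".join(tree))
```

In the insecure run the log reads applied / rejected: out of sequence / rejected: MD5 mismatch, and the tree already contains the attacker's line by the time the mismatch surfaces; in the authenticated run the forgery is the one rejected and both legitimate deltas apply. Note what the HMAC covers: the sequence number and path as well as the content, so a captured legitimate delta cannot be replayed into a different slot or against a different file.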