Date: Wed, 14 Mar 2001 08:46:51 +0200 From: Peter Pentchev <roam@orbitel.bg> To: Terry Lambert <tlambert@primenet.com> Cc: freebsd-arch@FreeBSD.ORG Subject: Re: [PATCH] add a SITE MD5 command to ftpd Message-ID: <20010314084651.A23104@ringworld.oblivion.bg> In-Reply-To: <200103140459.VAA03061@usr05.primenet.com>; from tlambert@primenet.com on Wed, Mar 14, 2001 at 04:59:22AM %2B0000 References: <20010313211544.B17733@ringworld.oblivion.bg> <200103140459.VAA03061@usr05.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 14, 2001 at 04:59:22AM +0000, Terry Lambert wrote: > > A recent thread about Bill Fenner's distfiles-checking scripts > > set me thinking about easy detection of MD5 checksum mismatches. > > Bill Fenner pointed out that these checks are not done because > > of the sheer volume of the network traffic needed to download > > all the distfiles from all the distsites. > > > > I know that adding a ``SITE MD5 filename'' command to our ftpd > > is a *very* little step in a possibly wrong direction (this will > > not automagically make all the ftp daemons on all the distsites > > implement this command), but IMHO, it's a start.. I'm thinking > > of adding similar functionality to wu-ftpd and ProFTPd soon, and > > submitting patches to the authors, in the hope of starting a ball > > rolling :) > > The point of the MD5 is to provide a locally uncorruptable, > verifiable crosscheck between the image on a remote side and > the contents of a local ports Makefile. [snip] > > Clearly, "Cached Data Considered Harmful" very quickly comes > into play here. > > So before doing this, ask yourself: > > 1) Why do we have MD5's at all, in the first place? > > 2) Does this new extension threaten that reason for them > existing in the first place? This is NOT meant as a replacement for the local security check that is there for a very good reason. It is only meant to provide some kind of an 'early warning' in those rare, but VERY annoying cases when the distributors reroll the dist tarballs without a version number bumping. If the distributor wants to fool the FreeBSD Ports collection by using an ftpd that pretends to support this, yet does not, then we're absolutely no worse than we are now - the notification for changed checksums only comes when somebody tries to build the port and ends up sending a PR instead. However, if this were to be implemented, on however few of the sites, then it *could* provide a great opportunity even for the maintainers themselves - it is very easy to imagine a remote FTP MD5 checksum tool, that is run by each port maintainer on a regular basis for each of his ports, so things do not get to the point that annoyed users blame the maintainers, the Ports Collection and the FreeBSD project for the deeds of dumb authors. Again, this is not - and can never be - a replacement for the local crosscheck. G'luck, Peter -- This sentence claims to be an Epimenides paradox, but it is lying. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010314084651.A23104>