control: tags -1 + moreinfo
control: severity -1 normal

Hi Christoph (bcc:ed),

On Sonntag, 22. Juni 2014, Christoph Anton Mitterer wrote:
> As already pointed out in the aforementioned thread, this has
> several critical security issues:

And they are all (IMHO successfully) considered in the code, so I'm 
downgrading this bug:
 
> - anyone from these upstream people, whose key is included, and
> who are not DDs, can in principle introduce any software they like
> into the Debian system of any single user or all users.

this is a feature, by design. Also this is why tb-launcher is now in contrib.

> - since it automatically determines the most recent version and downloads
> it, it completely circumvents the package management system.

again, by design.

> - another really big problem are blocking/downgrade attacks.

as explained by Micah (in this bug), this is being protected against.

So, actually, I don't really see a bug here, except that you don't like the 
existence of this software provided _as it is_, by design. So either don't 
enable non-free and don't install this, or you would prefer torbrowser built 
from sources, which would need a firefox-src package... (and which would take 
longer to build and deploy, thus probably leaving a bigger attack window in 
case of problems.)

It's unclear what you really want and maybe it would still be useful to clone 
and split this bug into several. Or maybe just closing this bug would be 
better?


cheers,
        Holger

Attachment: signature.asc
Description: This is a digitally signed message part.
