On Sun, 2023-11-26 at 12:23 +1100, Dmitry Smirnov wrote: > On Sunday, 26 November 2023 4:56:03 AM AEDT Christoph Anton Mitterer wrote: > > Even if the downloader tool does everything right (which is actually quite > > difficult if one assumes things like replay or blocking attacks), there's > > still code introduced which is not in the control of Debian and especially > > also outside security support. > > IMHO this is a valid concern ... What do you think, Paul?
As far as I can tell from parse_drive_database in knowndrives.cpp there is no code being loaded, it just parses drivedb.h as a text file. There could still of course be security issues in the approach but since upstream is signing the file and the downloader verifies signatures, only upstream could exploit any security issues in their own code, but those could be target specific while their released code isn't. Probably those who are concerned about this should talk to upstream about switching to a more common format with more robust parsers. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
