On Mon, Mar 08, 2010 at 05:59:13PM -0500, Joey Hess wrote: > Russ Allbery wrote: > > The missing link, in this validation scenario, is how to get a signed copy > > of the MD5 checksums of the files in the package. > > That's one missing link. The other one is that there are innumerable > ways for an attacker to inject bad behavior/backdoors onto a system > without touching binaries originating from dpkg.
Signatures don't prevent bugs, they don't prevent trojans, they don't prevent attacks on SSH. But they let you *detect* attacks. It's not that easy to install a root kit that hides all changes and you can always boot from a trusted medium to check your files. Without signatures, you can't, or at least it a lot harder. > Expecting debsums to > protect against any form of attack is bound to result in a false sense > of security; I don't expect that. harry -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
