On Wed, 2015-12-30 at 21:07 +0100, Björn Persson wrote:
> Kevin Fenzi wrote:
> > On Wed, 30 Dec 2015 19:38:35 +0100
> > Björn Persson <bj...@xn--rombobjrn-67a.se> wrote:
> > > Without commit access to Git the attacker couldn't edit the sources
> > > file, so – assuming that everything that uses the lookaside cache
> > > bothers to verify the checksum – the attacker would have to forge a
> > > tarball that has the same MD5 hash as the original. That is an
> > > attack on the second-preimage resistance of MD5.
> > 
> > I don't think even that would work, as you cannot upload new sources
> > with the same md5sum as an existing upload. It would just tell you
> > it's already uploaded. 
> 
> OK, that reduces the attack window as the attacker would have to upload
> the malicious tarball after a release has been made upstream but before
> the maintainer gets around to upgrading the package.

And the maintainer would have to not notice that an updated tarball had
already been uploaded. Which is *possible*, because lord knows, we've
all forgotten to run fedpkg new-sources and seen our builds fail and
gone 'oh god, yeah, I forgot to run fedpkg new-sources'. But it's
another thing that has to happen for the attack to succeed, at least.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net

--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
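
Added example, not part of the thread and not Fedora's own code: a client-side check of a downloaded tarball against its `sources` entry, which is the verification step the argument above assumes every lookaside consumer performs. The two line layouts parsed here (`<md5>  <filename>` and a BSD-style `SHA512 (<filename>) = <hex>`), the function names and the sample data are assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Assumed BSD-style layout: "SHA512 (foo-1.0.tar.gz) = <hex digest>"
BSD_LINE = re.compile(r"^(?P<algo>[A-Z0-9]+) \((?P<name>.+)\) = (?P<digest>[0-9a-f]+)$")
# Assumed legacy layout: "<32 hex chars of MD5>  <filename>"
MD5_LINE = re.compile(r"^(?P<digest>[0-9a-f]{32})\s+(?P<name>\S.*)$")
WEAK_ALGOS = {"md5", "sha1"}  # pins worth migrating to a stronger hash


def parse_sources(text):
    """Return {filename: (algorithm, hexdigest)} for each line of a sources file."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = BSD_LINE.match(line)
        algo = m["algo"].lower() if m else "md5"
        m = m or MD5_LINE.match(line)
        if not m or algo not in hashlib.algorithms_available:
            # Fail closed: an unparseable pin must never count as "no pin".
            raise ValueError(f"unrecognised sources line: {line!r}")
        entries[m["name"]] = (algo, m["digest"])
    return entries


def verify(name, data, entries):
    """Compare downloaded bytes with the pinned digest.

    Returns (ok, weak): ok is False for a mismatch or a file with no entry;
    weak is True when the pin itself uses MD5 or SHA-1.
    """
    if name not in entries:
        return (False, False)
    algo, expected = entries[name]
    actual = hashlib.new(algo, data).hexdigest()
    return (hmac.compare_digest(actual, expected), algo in WEAK_ALGOS)


if __name__ == "__main__":
    tarball = b"constructed tarball contents, release 1.0"  # constructed sample
    sources = (
        f"{hashlib.md5(tarball).hexdigest()}  demo-1.0.tar.gz\n"
        f"SHA512 (demo-2.0.tar.gz) = {hashlib.sha512(tarball).hexdigest()}\n"
    )
    pins = parse_sources(sources)
    print(verify("demo-1.0.tar.gz", tarball, pins))         # matches, weak pin
    print(verify("demo-2.0.tar.gz", tarball + b"x", pins))  # tampered download
```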
