Brian J. Beesley wrote:
> > My only issue with the FTP server has been the lack of MD5 sums to
> > verify the download... Which is why when I set up the GIMPS mirror on
> > mersenneforum.org I included MD5 sums...
>
> Umm. MD5 (and SHA-1) are looking dodgy these days - there are tools for
> making files with matching hashes, and executable binaries tend to have
> enough non-critical content (text strings etc) embedded in them to make a
> matched hash rather less secure than you would think it should be. OK, better
> than CRC32, but far from a secure safeguard.

But first, they're put there to check if the file was downloaded
correctly, not to check if it's unchanged. Second, changing zip's md5
shouldn't be so easy, because one has got to find content that has
specified md5 sum after being zipped (zip has its own checksum, so I
believe it's impossible to change just a few bytes of zip archive).

> SHA-256 & SHA-512 are being talked about as possible replacements. Maybe they
> might survive realistic attacks for a few years.

Unless they're put on the same FTP site as the changed archive. ;-)

> My principal safeguard against possible compromise of downloaded mprime
> executables is to run them chrooted, as a special user with a small disk
> quota and very, very few privileges.

Would you be so nice and share your solution? With all stuff,
autostarting, quota, privileges and so on... TIA
--
No sig today.
_______________________________________________
Prime mailing list
http://hogranch.com/mailman/listinfo/prime
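
Added example (not part of the original message or of any GIMPS tooling): a Python script that puts the checks discussed in this thread side by side, namely zip's built-in CRC-32, a digest stored on the same site as the archive, and a digest obtained over a separate channel. The archive contents, member name and function names are constructed for illustration, and SHA-256 is used for the digest.

```python
import hashlib
import hmac
import io
import zipfile
import zlib

def make_zip(payload: bytes) -> bytes:
    """Build a one-member zip in memory (constructed sample, not a real release)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("program.bin", payload)
    return buf.getvalue()

def zip_crc_ok(archive: bytes) -> bool:
    """True if every member passes zip's built-in CRC-32 check."""
    try:
        with zipfile.ZipFile(io.BytesIO(archive)) as zf:
            return zf.testzip() is None
    except (zipfile.BadZipFile, zlib.error):
        return False

def digest_ok(archive: bytes, published_hex: str) -> bool:
    """Compare the archive's SHA-256 with a published hex digest."""
    actual = hashlib.sha256(archive).hexdigest()
    return hmac.compare_digest(actual, published_hex.lower())

def demo() -> dict:
    payload = b"original build " * 64
    original = make_zip(payload)
    # Assumption: this digest reached the user by a channel other than the download site.
    independent = hashlib.sha256(original).hexdigest()

    # Case 1: transfer damage, one byte flipped inside the stored member data.
    damaged = bytearray(original)
    damaged[original.index(payload) + 10] ^= 0xFF
    damaged = bytes(damaged)

    # Case 2: a different archive; the zip writer recomputes CRC-32 for it,
    # and a digest file kept beside the archive is regenerated along with it.
    replaced = make_zip(b"different build " * 64)
    same_site = hashlib.sha256(replaced).hexdigest()

    return {
        "damaged": (zip_crc_ok(damaged), digest_ok(damaged, independent)),
        "replaced_vs_same_site": (zip_crc_ok(replaced), digest_ok(replaced, same_site)),
        "replaced_vs_independent": (zip_crc_ok(replaced), digest_ok(replaced, independent)),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

Each result is a pair (zip CRC passes, digest matches). Only the comparison against the independently obtained digest flags the replaced archive.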