/[gentoo]/xml/htdocs/proj/en/glep/glep-0014.html
Revision 1.6
Sat Oct 14 02:54:24 2006 UTC by genone
Branch: MAIN
Changes since 1.5: +5 -2 lines
File MIME type: text/html
overdue status update

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!--
This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
-->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
<title>GLEP 14 -- security updates based on GLSA</title>
<style type="text/css">

/*
:Author: David Goodger
:Contact: goodger@users.sourceforge.net
:date: $Date: 2003/06/02 17:03:08 $
:version: $Revision: 1.1 $
:copyright: This stylesheet has been placed in the public domain.

Default cascading style sheet for the PEP HTML output of Docutils.
*/

.first {
  margin-top: 0 }

.last {
  margin-bottom: 0 }

.navigation {
  width: 100% ;
  background: #cc99ff ;
  margin-top: 0px ;
  margin-bottom: 0px }

.navigation .navicon {
  width: 150px ;
  height: 35px }

.navigation .textlinks {
  padding-left: 1em ;
  text-align: left }

.navigation td, .navigation th {
  padding-left: 0em ;
  padding-right: 0em ;
  vertical-align: middle }

.rfc2822 {
  margin-top: 0.5em ;
  margin-left: 0.5em ;
  margin-right: 0.5em ;
  margin-bottom: 0em }

.rfc2822 td {
  text-align: left }

.rfc2822 th.field-name {
  text-align: right ;
  font-family: sans-serif ;
  padding-right: 0.5em ;
  font-weight: bold ;
  margin-bottom: 0em }

a.toc-backref {
  text-decoration: none ;
  color: black }

body {
  margin: 0px ;
  margin-bottom: 1em ;
  padding: 0px }

dd {
  margin-bottom: 0.5em }

div.section {
  margin-left: 1em ;
  margin-right: 1em ;
  margin-bottom: 1.5em }

div.section div.section {
  margin-left: 0em ;
  margin-right: 0em ;
  margin-top: 1.5em }

div.abstract {
  margin: 2em 5em }

div.abstract p.topic-title {
  font-weight: bold ;
  text-align: center }

div.attention, div.caution, div.danger, div.error, div.hint,
div.important, div.note, div.tip, div.warning {
  margin: 2em ;
  border: medium outset ;
  padding: 1em }

div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title {
  color: red ;
  font-weight: bold ;
  font-family: sans-serif }

div.hint p.admonition-title, div.important p.admonition-title,
div.note p.admonition-title, div.tip p.admonition-title {
  font-weight: bold ;
  font-family: sans-serif }

div.figure {
  margin-left: 2em }

div.footer, div.header {
  font-size: smaller }

div.footer {
  margin-left: 1em ;
  margin-right: 1em }

div.system-messages {
  margin: 5em }

div.system-messages h1 {
  color: red }

div.system-message {
  border: medium outset ;
  padding: 1em }

div.system-message p.system-message-title {
  color: red ;
  font-weight: bold }

div.topic {
  margin: 2em }

h1 {
  font-family: sans-serif ;
  font-size: large }

h2 {
  font-family: sans-serif ;
  font-size: medium }

h3 {
  font-family: sans-serif ;
  font-size: small }

h4 {
  font-family: sans-serif ;
  font-style: italic ;
  font-size: small }

h5 {
  font-family: sans-serif;
  font-size: x-small }

h6 {
  font-family: sans-serif;
  font-style: italic ;
  font-size: x-small }

.section hr {
  width: 75% }

ol.simple, ul.simple {
  margin-bottom: 1em }

ol.arabic {
  list-style: decimal }

ol.loweralpha {
  list-style: lower-alpha }

ol.upperalpha {
  list-style: upper-alpha }

ol.lowerroman {
  list-style: lower-roman }

ol.upperroman {
  list-style: upper-roman }

p.caption {
  font-style: italic }

p.credits {
  font-style: italic ;
  font-size: smaller }

p.label {
  white-space: nowrap }

p.topic-title {
  font-family: sans-serif ;
  font-weight: bold }

pre.line-block {
  font-family: serif ;
  font-size: 100% }

pre.literal-block, pre.doctest-block {
  margin-left: 2em ;
  margin-right: 2em ;
  background-color: #eeeeee }

span.classifier {
  font-family: sans-serif ;
  font-style: oblique }

span.classifier-delimiter {
  font-family: sans-serif ;
  font-weight: bold }

span.interpreted {
  font-family: sans-serif }

span.option-argument {
  font-style: italic }

span.pre {
  white-space: pre }

span.problematic {
  color: red }

table {
  margin-top: 0.5em ;
  margin-bottom: 0.5em }

td, th {
  padding-left: 0.5em ;
  padding-right: 0.5em ;
  vertical-align: top }

td.num {
  text-align: right }

th.field-name {
  font-weight: bold ;
  text-align: left ;
  white-space: nowrap }

h1 tt, h2 tt, h3 tt, h4 tt, h5 tt, h6 tt {
  font-size: 100% }

tt {
  background-color: #eeeeee }

ul.auto-toc {
  list-style-type: none }

</style>
</head>
<body bgcolor="white">
<table class="navigation" cellpadding="0" cellspacing="0"
width="100%" border="0">
<tr><td class="navicon" width="150" height="35">
<a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
<img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
border="0" width="150" height="35" /></a></td>
<td class="textlinks" align="left">
[<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
[<b><a href="http://www.gentoo.org/peps">GLEP Index</a></b>]
[<b><a href="http://www.gentoo.org/proj/en/glep/glep-0014.txt">GLEP Source</a></b>]
</td></tr></table>
<table class="rfc2822 docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">GLEP:</th><td class="field-body">14</td>
</tr>
<tr class="field"><th class="field-name">Title:</th><td class="field-body">security updates based on GLSA</td>
</tr>
<tr class="field"><th class="field-name">Version:</th><td class="field-body">1.5</td>
</tr>
<tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0014.txt?cvsroot=gentoo">2004/10/26 00:21:28</a></td>
</tr>
<tr class="field"><th class="field-name">Author:</th><td class="field-body">Marius Mauch &lt;genone&#32;&#97;t&#32;genone.de&gt;</td>
</tr>
<tr class="field"><th class="field-name">Status:</th><td class="field-body">Accepted</td>
</tr>
<tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
</tr>
<tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td>
</tr>
<tr class="field"><th class="field-name">Created:</th><td class="field-body">18 Aug 2003</td>
</tr>
<tr class="field"><th class="field-name">Post-History:</th><td class="field-body">22-Aug-2003, 24-Aug-2003, 10-Nov-2003, 25-Oct-2004</td>
</tr>
<tr class="field"><th class="field-name">Requires:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/proj/en/glep/glep-0021.html">21</a></td>
</tr>
</tbody>
</table>
<hr />
<div class="contents topic">
<p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
<ul class="simple">
<li><a class="reference" href="#abstract" id="id2" name="id2">Abstract</a></li>
<li><a class="reference" href="#status-update" id="id3" name="id3">Status Update</a></li>
<li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li>
<li><a class="reference" href="#proposed-change" id="id5" name="id5">Proposed change</a><ul>
<li><a class="reference" href="#update-tool" id="id6" name="id6">Update tool</a></li>
<li><a class="reference" href="#glsa-format" id="id7" name="id7">GLSA format</a></li>
<li><a class="reference" href="#glsa-release-process" id="id8" name="id8">GLSA release process</a></li>
<li><a class="reference" href="#portage-changes" id="id9" name="id9">Portage changes</a></li>
</ul>
</li>
<li><a class="reference" href="#rationale" id="id10" name="id10">Rationale</a></li>
<li><a class="reference" href="#implementation" id="id11" name="id11">Implementation</a></li>
<li><a class="reference" href="#backwards-compatibility" id="id12" name="id12">Backwards compatibility</a></li>
<li><a class="reference" href="#copyright" id="id13" name="id13">Copyright</a></li>
</ul>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id2" id="abstract" name="abstract">Abstract</a></h1>
<p>There is currently no automatic way to check a Gentoo system for identified
security holes or to apply security fixes automatically. This GLEP proposes a way
to deal with this issue.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id3" id="status-update" name="status-update">Status Update</a></h1>
<p>A preliminary implementation, <tt class="docutils literal"><span class="pre">glsa-check</span></tt>, exists in gentoolkit; the
final implementation is pending set support in portage (GLEP 21).</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id4" id="motivation" name="motivation">Motivation</a></h1>
<p>Automatic checking for security updates is an often-requested feature for Gentoo.
Implementing it will enable users to fix security holes without reading every
security announcement. It is also a feature that is often required in enterprise
environments.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id5" id="proposed-change" name="proposed-change">Proposed change</a></h1>
<div class="section">
<h2><a class="toc-backref" href="#id6" id="update-tool" name="update-tool">Update tool</a></h2>
<p>The coding part of this GLEP is an update tool that reads a GLSA, verifies its
GPG signature before acting on any of its contents, checks whether the system is
affected by it and executes one of the following actions, depending on user
preferences:</p>
<ul class="simple">
<li>run all steps necessary to fix the security hole, including package updates and
daemon restarts.</li>
<li>instruct the user how to fix the security hole.</li>
<li>print the GLSA so the user can get more information if desired.</li>
</ul>
<p>Once this tool is implemented and well tested it can be integrated into portage.
A prototype <a class="reference" href="#implementation">implementation</a> of this tool exists.</p>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id7" id="glsa-format" name="glsa-format">GLSA format</a></h2>
<p>The GLSA format needs to be specified; I suggest using XML for that to simplify
parsing and later extensions. See <a class="reference" href="#implementation">implementation</a> for a sample DTD. The format
has to be compatible with the update tool, of course. If necessary, a converter
tool or an editor could be written for people not comfortable with XML (update:
a Qt based editor for the GLSA format written by plasmaroo exists in the
gentoo-projects repository). Every GLSA has to be GPG signed by the responsible
developer, who has to be a member of the security herd.</p>
</div>
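<p>As an added example, not part of this GLEP, of gentoolkit's <tt>glsa-check</tt> or of the
prototype cited below: the core of the update tool described in the two sections above,
in Python. It parses an advisory, compares every installed version of each listed package
against the advisory's vulnerable and unaffected ranges using a Gentoo-style version
ordering, derives the fix/instruct/print action the user asked for, and performs the
signature check the Rationale calls for with gpg(1) against a keyring that holds only the
security herd's keys. The element layout (<tt>glsa</tt>, <tt>package</tt>, <tt>unaffected</tt>,
<tt>vulnerable</tt>, the <tt>auto</tt> attribute), the sample advisory, the installed
package set and the keyring path are assumptions made for this example, not the DTD or
data of the project.</p>

```python
"""GLEP 14 update-tool core (added example, not glsa-check or the cited prototype):
parse a GLSA, compare installed versions against its ranges, derive the action."""
import operator
import re
import subprocess
import xml.etree.ElementTree as ET
from collections import namedtuple

# Constructed sample advisory. The element layout is an assumption standing in
# for the DTD the GLEP leaves to the implementation; id and versions are made up.
SAMPLE_GLSA = """<glsa id="200000-01">
  <affected>
    <package name="net-misc/example-server" auto="yes">
      <unaffected range="ge">1.2.3</unaffected>
      <vulnerable range="lt">1.2.3</vulnerable>
    </package>
    <package name="app-misc/example-tool" auto="no">
      <unaffected range="ge">2.0</unaffected>
      <vulnerable range="lt">2.0</vulnerable>
    </package>
  </affected>
</glsa>
"""

Range = namedtuple("Range", "op version")
Package = namedtuple("Package", "name auto vulnerable unaffected")  # auto=False: only instruct
_OPS = {"lt": operator.lt, "le": operator.le, "eq": operator.eq,
        "ge": operator.ge, "gt": operator.gt}

# Gentoo version syntax, simplified (Portage's vercmp covers more corner cases).
_VERSION_RE = re.compile(
    r"^(\d+(?:\.\d+)*)([a-z]?)(?:_(alpha|beta|pre|rc|p)(\d*))?(?:-r(\d+))?$")
_SUFFIX_ORDER = {"alpha": 0, "beta": 1, "pre": 2, "rc": 3, "": 4, "p": 5}

def version_key(version):
    """Sort key giving 1.9 < 1.10 and 2.0_rc1 < 2.0 < 2.0-r1 < 2.0_p1."""
    m = _VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    numbers, letter, suffix, suffix_num, rev = m.groups()
    return (tuple(int(n) for n in numbers.split(".")), letter,
            _SUFFIX_ORDER[suffix or ""], int(suffix_num or 0), int(rev or 0))

def parse_glsa(text):
    """Parse a GLSA that already passed signature verification; the id is
    validated because tools build file names and URLs from it."""
    root = ET.fromstring(text)
    if root.tag != "glsa" or not re.fullmatch(r"\d{6}-\d{2}", root.get("id", "")):
        raise ValueError("not a GLSA document")
    def ranges(pkg, tag):
        return tuple(Range(r.get("range"), r.text.strip()) for r in pkg.findall(tag))
    packages = [Package(p.get("name"), p.get("auto", "yes") == "yes",
                        ranges(p, "vulnerable"), ranges(p, "unaffected"))
                for p in root.iter("package")]
    return root.get("id"), packages

def is_vulnerable(installed, pkg):
    """Unaffected ranges win: a version inside one of them is safe."""
    def hit(rng):
        return _OPS[rng.op](version_key(installed), version_key(rng.version))
    return not any(map(hit, pkg.unaffected)) and any(map(hit, pkg.vulnerable))

def fix_atom(pkg):
    """Lowest unaffected lower bound, as a dependency atom for emerge."""
    bounds = [r for r in pkg.unaffected if r.op in ("ge", "gt")]
    if not bounds:
        return None
    best = min(bounds, key=lambda r: version_key(r.version))
    return f"{'>=' if best.op == 'ge' else '>'}{pkg.name}-{best.version}"

def check_system(glsa_text, installed):
    """installed maps 'cat/pkg' to its installed versions (one per slot).
    Returns (glsa_id, [(package, version, auto, atom), ...])."""
    glsa_id, packages = parse_glsa(glsa_text)
    return glsa_id, [(pkg.name, ver, pkg.auto, fix_atom(pkg))
                     for pkg in packages for ver in installed.get(pkg.name, ())
                     if is_vulnerable(ver, pkg)]

def plan(glsa_text, installed, mode):
    """mode is fix, instruct or print (the GLEP's three actions). Commands are
    returned, not run, so the caller can review them; restarts are not covered."""
    if mode == "print":
        return [glsa_text]
    glsa_id, hits = check_system(glsa_text, installed)
    return [f"emerge --oneshot '{atom}'" if mode == "fix" and auto and atom
            else f"GLSA {glsa_id}: {name}-{ver} is vulnerable, fix: {atom or 'see advisory'}"
            for name, ver, auto, atom in hits]

def verify_signature(glsa_path, sig_path, keyring):
    """Check a detached signature with gpg(1) against a keyring holding only the
    security herd's keys (path assumed). Expired or revoked keys yield EXPKEYSIG
    or REVKEYSIG instead of GOODSIG, so requiring GOODSIG rejects them too."""
    proc = subprocess.run(
        ["gpg", "--batch", "--no-default-keyring", "--keyring", keyring,
         "--trust-model", "always", "--status-fd", "1", "--verify", sig_path, glsa_path],
        capture_output=True, text=True)
    return proc.returncode == 0 and "[GNUPG:] GOODSIG " in proc.stdout
```

<p><tt>verify_signature</tt> has to succeed before <tt>parse_glsa</tt> ever sees the file;
until then the advisory is untrusted input, and a fake GLSA could otherwise steer the tool
towards a malicious "fix". <tt>plan(SAMPLE_GLSA, installed, "fix")</tt> returns the emerge
commands instead of running them, so a wrapper can show them to the user first. The version
ordering matters: comparing versions as strings would rank 1.10 below 1.9 and report a
patched package as vulnerable, or the reverse.</p>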
<div class="section">
<h2><a class="toc-backref" href="#id8" id="glsa-release-process" name="glsa-release-process">GLSA release process</a></h2>
<p>In addition to sending the GLSA to the gentoo-announce mailing list, it has to be
stored on an HTTP/FTP server and in the portage tree. I suggest that a script be
used to release a GLSA that will:</p>
<ul class="simple">
<li>check the GLSA for correctness</li>
<li>sign the GLSA with the developer's GPG key</li>
<li>send a mail to gentoo-announce with the XML GLSA and a plaintext version attached</li>
<li>upload it to www.gentoo.org/security/en/glsa (via cvs commit)</li>
<li>put it on the rsync server (via cvs commit)</li>
<li>notify the moderators on the forums to make an announcement</li>
</ul>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id9" id="portage-changes" name="portage-changes">Portage changes</a></h2>
<p>Until the <a class="reference" href="#update-tool">update tool</a> is integrated into portage there will be no code changes
to portage. The update tool might require a few new configuration options; these
could be placed in make.conf or another config file in /etc/portage.</p>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id10" id="rationale" name="rationale">Rationale</a></h1>
<p>The lack of automated security updates for Gentoo is one of the most often requested
features for portage, as it is one of the standard features of other distributions.
As Gentoo already provides GLSAs for important security bugs, it is only natural
to use these to implement this feature.</p>
<p>To parse a GLSA in a program, the format needs to be specified and a parser has
to be written. I suggest the use of XML for future GLSAs for the following reasons:</p>
<ul class="simple">
<li>it can be parsed and validated with existing libraries</li>
<li>it is easy to extend while maintaining backwards compatibility</li>
<li>tools can convert XML GLSAs into other formats; the other direction would be harder</li>
<li>websites can use XSLT to mark up GLSAs</li>
</ul>
<p>Putting the GLSAs in the portage tree allows all users to check their systems
for security updates without taking further action and simplifies later integration
of the update tool into portage. For security-minded persons the GLSAs are also
available on an HTTP server, which eases the load on the rsync servers.</p>
<p>To verify the signatures of the GLSAs, the public keys of the developers should be
available in the portage tree and on the HTTP server. The verification is necessary
to prevent exploits by fake GLSAs: a GLSA that carries no signature, or a signature
from a key that does not belong to a member of the security herd, must be treated
as untrusted and not acted upon.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id11" id="implementation" name="implementation">Implementation</a></h1>
<p>A prototype implementation (including the update tool, a DTD and a sample
XMLified GLSA) exists at <a class="reference" href="http://gentoo.devel-net.org/glsa/">http://gentoo.devel-net.org/glsa/</a> and in the
gentoo-projects/gentoo-security/GLSA repository. This GLEP is based
on that implementation, though it can be changed or rewritten if necessary.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id12" id="backwards-compatibility" name="backwards-compatibility">Backwards compatibility</a></h1>
<p>The current <a class="reference" href="#glsa-release-process">GLSA release process</a> needs to be replaced with this proposal. It
would be nice if old GLSAs were transformed into XML as well, but that is
not a requirement for this GLEP.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id13" id="copyright" name="copyright">Copyright</a></h1>
<p>This document has been placed in the public domain.</p>
</div>

</div>
<div class="footer">
<hr class="footer" />
<a class="reference" href="glep-0014.txt">View document source</a>.
Generated on: 2006-10-14 03:00 UTC.
Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.

</div>
</body>
</html>
