| 1 | <?xml version="1.0" encoding="utf-8" ?> |
1 | <?xml version="1.0" encoding="utf-8" ?> |
| 2 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
2 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| 3 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
3 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| 4 | <!-- |
4 | |
| 5 | This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new |
|
|
| 6 | PEP, see http://www.python.org/peps/pep-0001.html for instructions and links |
|
|
| 7 | to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE! |
|
|
| 8 | --> |
|
|
| 9 | <head> |
5 | <head> |
| 10 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
6 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
| 11 | <meta name="generator" content="Docutils 0.3.0: http://docutils.sourceforge.net/" /> |
7 | <meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" /> |
| 12 | <title>GLEP 14 -- security updates based on GLSA</title> |
8 | <title>GLEP 14 -- security updates based on GLSA</title> |
| 13 | <link rel="stylesheet" href="tools/glep.css" type="text/css" /> |
9 | <link rel="stylesheet" href="tools/glep.css" type="text/css" /> |
| 14 | </head> |
10 | </head> |
| 15 | <body bgcolor="white"> |
11 | <body bgcolor="white"> |
| 16 | <table class="navigation" cellpadding="0" cellspacing="0" |
12 | <table class="navigation" cellpadding="0" cellspacing="0" |
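Review bot: the "This HTML is auto-generated. DO NOT EDIT THIS FILE!" comment from the old version has no counterpart in the new version, even though the file is still Docutils output (the generator meta tag only moves from 0.3.0 to 0.4). Keep the comment, or an equivalent one in the generating template, so that nobody hand-edits this HTML and loses the change on the next regeneration from glep-0014.txt.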
| … | |
… | |
| 22 | <td class="textlinks" align="left"> |
18 | <td class="textlinks" align="left"> |
| 23 | [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>] |
19 | [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>] |
| 24 | [<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>] |
20 | [<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>] |
| 25 | [<b><a href="http://www.gentoo.org/proj/en/glep/glep-0014.txt">GLEP Source</a></b>] |
21 | [<b><a href="http://www.gentoo.org/proj/en/glep/glep-0014.txt">GLEP Source</a></b>] |
| 26 | </td></tr></table> |
22 | </td></tr></table> |
| 27 | <div class="document"> |
|
|
| 28 | <table class="rfc2822 field-list" frame="void" rules="none"> |
23 | <table class="rfc2822 docutils field-list" frame="void" rules="none"> |
| 29 | <col class="field-name" /> |
24 | <col class="field-name" /> |
| 30 | <col class="field-body" /> |
25 | <col class="field-body" /> |
| 31 | <tbody valign="top"> |
26 | <tbody valign="top"> |
| 32 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">14</td> |
27 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">14</td> |
| 33 | </tr> |
28 | </tr> |
| 34 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">security updates based on GLSA</td> |
29 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">security updates based on GLSA</td> |
| 35 | </tr> |
30 | </tr> |
| 36 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">$Revision: 1.2 $</td> |
31 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.6</td> |
| 37 | </tr> |
32 | </tr> |
| 38 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0014.txt?cvsroot=gentoo">$Date: 2003/08/24 22:11:46 $</a></td> |
33 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0014.txt?cvsroot=gentoo">2006/10/14 02:54:24</a></td> |
| 39 | </tr> |
34 | </tr> |
| 40 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Marius Mauch <genone at genone.de>,</td> |
35 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Marius Mauch <genone at genone.de>,</td> |
| 41 | </tr> |
36 | </tr> |
| 42 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> |
37 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Accepted</td> |
| 43 | </tr> |
38 | </tr> |
| 44 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> |
39 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> |
| 45 | </tr> |
40 | </tr> |
| 46 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> |
41 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> |
| 47 | </tr> |
42 | </tr> |
| 48 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">18 Aug 2003</td> |
43 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">18 Aug 2003</td> |
| 49 | </tr> |
44 | </tr> |
| 50 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">22-Aug-2003, 24-Aug-2003</td> |
45 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">22-Aug-2003, 24-Aug-2003, 10-Nov-2003, 25-Oct-2004</td> |
|
|
46 | </tr> |
|
|
47 | <tr class="field"><th class="field-name">Requires:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/proj/en/glepglep-0021.html">21</a></td> |
| 51 | </tr> |
48 | </tr> |
| 52 | </tbody> |
49 | </tbody> |
| 53 | </table> |
50 | </table> |
| 54 | <hr /> |
51 | <hr /> |
| 55 | <div class="contents topic" id="contents"> |
52 | <div class="contents topic"> |
| 56 | <p class="topic-title"><a name="contents">Contents</a></p> |
53 | <p class="topic-title first"><a id="contents" name="contents">Contents</a></p> |
| 57 | <ul class="simple"> |
54 | <ul class="simple"> |
| 58 | <li><a class="reference" href="#abstract" id="id2" name="id2">Abstract</a></li> |
55 | <li><a class="reference" href="#abstract" id="id2" name="id2">Abstract</a></li> |
|
|
56 | <li><a class="reference" href="#status-update" id="id3" name="id3">Status Update</a></li> |
| 59 | <li><a class="reference" href="#motivation" id="id3" name="id3">Motivation</a></li> |
57 | <li><a class="reference" href="#motivation" id="id4" name="id4">Motivation</a></li> |
| 60 | <li><a class="reference" href="#proposed-change" id="id4" name="id4">Proposed change</a><ul> |
58 | <li><a class="reference" href="#proposed-change" id="id5" name="id5">Proposed change</a><ul> |
| 61 | <li><a class="reference" href="#update-tool" id="id5" name="id5">Update tool</a></li> |
59 | <li><a class="reference" href="#update-tool" id="id6" name="id6">Update tool</a></li> |
| 62 | <li><a class="reference" href="#glsa-format" id="id6" name="id6">GLSA format</a></li> |
60 | <li><a class="reference" href="#glsa-format" id="id7" name="id7">GLSA format</a></li> |
| 63 | <li><a class="reference" href="#glsa-release-process" id="id7" name="id7">GLSA release process</a></li> |
61 | <li><a class="reference" href="#glsa-release-process" id="id8" name="id8">GLSA release process</a></li> |
| 64 | <li><a class="reference" href="#portage-changes" id="id8" name="id8">Portage changes</a></li> |
62 | <li><a class="reference" href="#portage-changes" id="id9" name="id9">Portage changes</a></li> |
| 65 | </ul> |
63 | </ul> |
| 66 | </li> |
64 | </li> |
| 67 | <li><a class="reference" href="#rationale" id="id9" name="id9">Rationale</a></li> |
65 | <li><a class="reference" href="#rationale" id="id10" name="id10">Rationale</a></li> |
| 68 | <li><a class="reference" href="#implementation" id="id10" name="id10">Implementation</a></li> |
66 | <li><a class="reference" href="#implementation" id="id11" name="id11">Implementation</a></li> |
| 69 | <li><a class="reference" href="#backwards-compatibility" id="id11" name="id11">Backwards compatibility</a></li> |
67 | <li><a class="reference" href="#backwards-compatibility" id="id12" name="id12">Backwards compatibility</a></li> |
| 70 | <li><a class="reference" href="#copyright" id="id12" name="id12">Copyright</a></li> |
68 | <li><a class="reference" href="#copyright" id="id13" name="id13">Copyright</a></li> |
| 71 | </ul> |
69 | </ul> |
| 72 | </div> |
70 | </div> |
| 73 | <div class="section" id="abstract"> |
71 | <div class="section"> |
| 74 | <h1><a class="toc-backref" href="#id2" name="abstract">Abstract</a></h1> |
72 | <h1><a class="toc-backref" href="#id2" id="abstract" name="abstract">Abstract</a></h1> |
| 75 | <p>There is currently no automatic way to check a Gentoo system for identified |
73 | <p>There is currently no automatic way to check a Gentoo system for identified |
| 76 | security holes or auto-apply security fixes. This GLEP proposes a way to deal |
74 | security holes or auto-apply security fixes. This GLEP proposes a way to deal |
| 77 | with this issue</p> |
75 | with this issue</p> |
| 78 | </div> |
76 | </div> |
| 79 | <div class="section" id="motivation"> |
77 | <div class="section"> |
|
|
78 | <h1><a class="toc-backref" href="#id3" id="status-update" name="status-update">Status Update</a></h1> |
|
|
79 | <p>Preliminary implementation <tt class="docutils literal"><span class="pre">glsa-check</span></tt> in gentoolkit, final implementation |
|
|
80 | pending set support in portage (GLEP 21).</p> |
|
|
81 | </div> |
|
|
82 | <div class="section"> |
| 80 | <h1><a class="toc-backref" href="#id3" name="motivation">Motivation</a></h1> |
83 | <h1><a class="toc-backref" href="#id4" id="motivation" name="motivation">Motivation</a></h1> |
| 81 | <p>Automatic checking for security updates is a often requested feature for Gentoo. |
84 | <p>Automatic checking for security updates is a often requested feature for Gentoo. |
| 82 | Implementing it will enable users to fix security holes without reading every |
85 | Implementing it will enable users to fix security holes without reading every |
| 83 | security announcement. It's also a feature that is often required in enterprise |
86 | security announcement. It's also a feature that is often required in enterprise |
| 84 | environments.</p> |
87 | environments.</p> |
| 85 | </div> |
88 | </div> |
| 86 | <div class="section" id="proposed-change"> |
89 | <div class="section"> |
| 87 | <h1><a class="toc-backref" href="#id4" name="proposed-change">Proposed change</a></h1> |
90 | <h1><a class="toc-backref" href="#id5" id="proposed-change" name="proposed-change">Proposed change</a></h1> |
| 88 | <div class="section" id="update-tool"> |
91 | <div class="section"> |
| 89 | <h2><a class="toc-backref" href="#id5" name="update-tool">Update tool</a></h2> |
92 | <h2><a class="toc-backref" href="#id6" id="update-tool" name="update-tool">Update tool</a></h2> |
| 90 | <p>The coding part of this GLEP is a update tool that reads a GLSA, verifies its |
93 | <p>The coding part of this GLEP is a update tool that reads a GLSA, verifies its |
| 91 | GPG signature, checks if the system is affected by it and executes one of the |
94 | GPG signature, checks if the system is affected by it and executes one of the |
| 92 | following actions, depending on user preferences:</p> |
95 | following actions, depending on user preferences:</p> |
| 93 | <ul class="simple"> |
96 | <ul class="simple"> |
| 94 | <li>run all steps necessary to fix the security hole, including package updates and |
97 | <li>run all steps necessary to fix the security hole, including package updates and |
| 95 | daemon restarts.</li> |
98 | daemon restarts.</li> |
| 96 | <li>instruct the user how to fix the security hole.</li> |
99 | <li>instruct the user how to fix the security hole.</li> |
| 97 | <li>print the GLSA so the user can get more information if desired.</li> |
100 | <li>print the GLSA so the user can get more information if desired.</li> |
| 98 | </ul> |
101 | </ul> |
| 99 | <p>Once this tool is implemented and well tested it can be integrated into portage. |
102 | <p>Once this tool is implemented and well tested it can be integrated into portage. |
| 100 | A prototype <a class="reference" href="#implementation">implementation</a> for this tool exists.</p> |
103 | A prototype <a class="reference" href="#implementation">implementation</a> for this tool exists.</p> |
| 101 | </div> |
104 | </div> |
| 102 | <div class="section" id="glsa-format"> |
105 | <div class="section"> |
| 103 | <h2><a class="toc-backref" href="#id6" name="glsa-format">GLSA format</a></h2> |
106 | <h2><a class="toc-backref" href="#id7" id="glsa-format" name="glsa-format">GLSA format</a></h2> |
| 104 | <p>The GLSA format needs to be specified, I suggest using XML for that to simplify |
107 | <p>The GLSA format needs to be specified, I suggest using XML for that to simplify |
| 105 | parsing and later extensions. See <a class="reference" href="#implementation">implementation</a> for a sample DTD. The format |
108 | parsing and later extensions. See <a class="reference" href="#implementation">implementation</a> for a sample DTD. The format |
| 106 | has to be compatible with the update tool of course. If necessary a converter |
109 | has to be compatible with the update tool of course. If necessary a converter |
| 107 | tool or an editor could be written for people not comfortable with XML. |
110 | tool or an editor could be written for people not comfortable with XML (update: |
| 108 | Every GLSA has to be GPG signed by the responsible developer, who has to be |
111 | a QT based editor for the GLSA format written by plasmaroo exists in the |
| 109 | a member of the security herd.</p> |
112 | gentoo-projects repository). Every GLSA has to be GPG signed by the responsible |
|
|
113 | developer, who has to be a member of the security herd.</p> |
| 110 | </div> |
114 | </div> |
| 111 | <div class="section" id="glsa-release-process"> |
115 | <div class="section"> |
| 112 | <h2><a class="toc-backref" href="#id7" name="glsa-release-process">GLSA release process</a></h2> |
116 | <h2><a class="toc-backref" href="#id8" id="glsa-release-process" name="glsa-release-process">GLSA release process</a></h2> |
| 113 | <p>Additional to sending the GLSA to the gentoo-announce mailing list it has to be |
117 | <p>Additional to sending the GLSA to the gentoo-announce mailing list it has to be |
| 114 | stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should |
118 | stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should |
| 115 | be used to release a GLSA that will:</p> |
119 | be used to release a GLSA that will:</p> |
| 116 | <ul class="simple"> |
120 | <ul class="simple"> |
| 117 | <li>check the GLSA for correctness</li> |
121 | <li>check the GLSA for correctness</li> |
| 118 | <li>sign the GLSA with the developers GPG key</li> |
122 | <li>sign the GLSA with the developers GPG key</li> |
| 119 | <li>send a mail to gentoo-announce with the XML GLSA and a plaintext version attached</li> |
123 | <li>send a mail to gentoo-announce with the XML GLSA and a plaintext version attached</li> |
| 120 | <li>upload it to www.gentoo.org/glsa (or wherever they should be uploaded)</li> |
124 | <li>upload it to www.gentoo.org/security/en/glsa (via cvs commit)</li> |
| 121 | <li>put it on the rsync server</li> |
125 | <li>put it on the rsync server (via cvs commit)</li> |
| 122 | <li>notify the moderators on the forums to make an announcement</li> |
126 | <li>notify the moderators on the forums to make an announcement</li> |
| 123 | </ul> |
127 | </ul> |
| 124 | </div> |
128 | </div> |
| 125 | <div class="section" id="portage-changes"> |
129 | <div class="section"> |
| 126 | <h2><a class="toc-backref" href="#id8" name="portage-changes">Portage changes</a></h2> |
130 | <h2><a class="toc-backref" href="#id9" id="portage-changes" name="portage-changes">Portage changes</a></h2> |
| 127 | <p>Until the <a class="reference" href="#update-tool">update tool</a> is integrated into portage there will be no code changes |
131 | <p>Until the <a class="reference" href="#update-tool">update tool</a> is integrated into portage there will be no code changes |
| 128 | to portage. The update tool might require a few new configuration options, these |
132 | to portage. The update tool might require a few new configuration options, these |
| 129 | could be placed in make.conf or another config file in /etc/portage.</p> |
133 | could be placed in make.conf or another config file in /etc/portage.</p> |
| 130 | </div> |
134 | </div> |
| 131 | </div> |
135 | </div> |
| 132 | <div class="section" id="rationale"> |
136 | <div class="section"> |
| 133 | <h1><a class="toc-backref" href="#id9" name="rationale">Rationale</a></h1> |
137 | <h1><a class="toc-backref" href="#id10" id="rationale" name="rationale">Rationale</a></h1> |
| 134 | <p>The lack of automated security updates for Gentoo is one of the most often requested |
138 | <p>The lack of automated security updates for Gentoo is one of the most often requested |
| 135 | features for portage as it is one of the standard features of other distributions. |
139 | features for portage as it is one of the standard features of other distributions. |
| 136 | As Gentoo already provides GLSAs for important security bugs it is only natural |
140 | As Gentoo already provides GLSAs for important security bugs it is only natural |
| 137 | to use these to implement this feature.</p> |
141 | to use these to implement this feature.</p> |
| 138 | <p>To parse a GLSA in a program the format needs to be specified and a parser has |
142 | <p>To parse a GLSA in a program the format needs to be specified and a parser has |
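Review bot: the new "Requires:" row links GLEP 21 with `href="http://www.gentoo.org/proj/en/glepglep-0021.html"`, which is missing the `/` between the directory and the file name and will not resolve; use `http://www.gentoo.org/proj/en/glep/glep-0021.html`, or the relative form `glep-0021.html` that the Content-Type row already uses for GLEP 2, so the dependency the new Status Update section relies on ("pending set support in portage (GLEP 21)") is actually reachable. One caveat worth recording while this section is being revised: the Rationale still places the developers' public keys "in the portage tree and on the HTTP server", the same channels that deliver the GLSAs themselves, so a tampered mirror could ship a fake GLSA together with a matching key; the text should say how the keys are trusted independently of those channels, since the verification exists "to prevent exploits by fake GLSAs".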
| … | |
… | |
| 143 | <li>tools can convert XML GLSAs in other formats, the other direction would be harder</li> |
147 | <li>tools can convert XML GLSAs in other formats, the other direction would be harder</li> |
| 144 | <li>websites can use XSLT to markup GLSAs</li> |
148 | <li>websites can use XSLT to markup GLSAs</li> |
| 145 | </ul> |
149 | </ul> |
| 146 | <p>Putting the GLSAs in the portage tree allows all users to check their systems |
150 | <p>Putting the GLSAs in the portage tree allows all users to check their systems |
| 147 | for security updates without taking more actions and simplifies later integration |
151 | for security updates without taking more actions and simplifies later integration |
| 148 | of the update tool into portage. For security minded persons the GLSAs are |
152 | of the update tool into portage. For security minded persons the GLSAs are |
| 149 | available on a HTTP server to ease the load of the rsync servers.</p> |
153 | available on a HTTP server to ease the load of the rsync servers.</p> |
| 150 | <p>To verify the signatures of the GLSAs the public keys of the developers should be |
154 | <p>To verify the signatures of the GLSAs the public keys of the developers should be |
| 151 | available in the portage tree and on the HTTP server. The verification is necessary |
155 | available in the portage tree and on the HTTP server. The verification is necessary |
| 152 | to prevent exploits by fake GLSAs.</p> |
156 | to prevent exploits by fake GLSAs.</p> |
| 153 | </div> |
157 | </div> |
| 154 | <div class="section" id="implementation"> |
158 | <div class="section"> |
| 155 | <h1><a class="toc-backref" href="#id10" name="implementation">Implementation</a></h1> |
159 | <h1><a class="toc-backref" href="#id11" id="implementation" name="implementation">Implementation</a></h1> |
| 156 | <p>A prototype implementation (including the update tool, a DTD and a sample |
160 | <p>A prototype implementation (including the update tool, a DTD and a sample |
| 157 | XMLified GLSA) exists at <a class="reference" href="http://gentoo.devel-net.org/glsa/">http://gentoo.devel-net.org/glsa/</a> . This GLEP is based |
161 | XMLified GLSA) exists at <a class="reference" href="http://gentoo.devel-net.org/glsa/">http://gentoo.devel-net.org/glsa/</a> and in the |
|
|
162 | gentoo-projects/gentoo-security/GLSA repository. This GLEP is based |
| 158 | on that implementation, though it can be changed or rewritten if necessary. |
163 | on that implementation, though it can be changed or rewritten if necessary.</p> |
| 159 | According to portage developers there is also already some support for this in |
|
|
| 160 | portage.</p> |
|
|
| 161 | </div> |
164 | </div> |
| 162 | <div class="section" id="backwards-compatibility"> |
165 | <div class="section"> |
| 163 | <h1><a class="toc-backref" href="#id11" name="backwards-compatibility">Backwards compatibility</a></h1> |
166 | <h1><a class="toc-backref" href="#id12" id="backwards-compatibility" name="backwards-compatibility">Backwards compatibility</a></h1> |
| 164 | <p>The current <a class="reference" href="#glsa-release-process">GLSA release process</a> needs to be replaced with this proposal. It |
167 | <p>The current <a class="reference" href="#glsa-release-process">GLSA release process</a> needs to be replaced with this proposal. It |
| 165 | would be nice if old GLSAs would be transformed into XML as well, but that is |
168 | would be nice if old GLSAs would be transformed into XML as well, but that is |
| 166 | not a requirement for this GLEP.</p> |
169 | not a requirement for this GLEP.</p> |
| 167 | </div> |
170 | </div> |
| 168 | <div class="section" id="copyright"> |
171 | <div class="section"> |
| 169 | <h1><a class="toc-backref" href="#id12" name="copyright">Copyright</a></h1> |
172 | <h1><a class="toc-backref" href="#id13" id="copyright" name="copyright">Copyright</a></h1> |
| 170 | <p>This document has been placed in the public domain.</p> |
173 | <p>This document has been placed in the public domain.</p> |
| 171 | </div> |
174 | </div> |
|
|
175 | |
| 172 | </div> |
176 | </div> |
|
|
177 | <div class="footer"> |
|
|
178 | <hr class="footer" /> |
|
|
179 | <a class="reference" href="glep-0014.txt">View document source</a>. |
|
|
180 | Generated on: 2007-10-13 13:39 UTC. |
|
|
181 | Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
| 173 | |
182 | |
| 174 | <hr class="footer"/> |
|
|
| 175 | <div class="footer"> |
|
|
| 176 | <a class="reference" href="glep-0014.txt">View document source</a>. |
|
|
| 177 | Generated on: 2003-08-24 22:06 UTC. |
|
|
| 178 | Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
|
|
| 179 | </div> |
183 | </div> |
| 180 | </body> |
184 | </body> |
| 181 | </html> |
185 | </html> |
| 182 | |
186 | |
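Review bot: the Implementation paragraph now points at the prototype URL and the gentoo-projects/gentoo-security/GLSA repository, but the Status Update section added earlier in this change names `glsa-check` in gentoolkit as the preliminary implementation and drops the old sentence about existing portage support; mention glsa-check here as well, so readers who come to the Implementation section find the shipped tool rather than only the prototype, and the two sections stay consistent about which implementation this GLEP is based on.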