/[gentoo]/xml/htdocs/proj/en/glep/glep-0014.txt
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0014.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1 Revision 1.6
1GLEP: 14 1GLEP: 14
2Title: security updates based on GLSA 2Title: security updates based on GLSA
3Version: $Revision: 1.1 $ 3Version: $Revision: 1.6 $
4Last-Modified: $Date: 2003/08/22 15:00:55 $ 4Last-Modified: $Date: 2006/10/14 02:54:24 $
5Author: Marius Mauch <genone@genone.de>, 5Author: Marius Mauch <genone@genone.de>,
6Status: Draft 6Status: Accepted
7Type: Standards Track 7Type: Standards Track
8Content-Type: text/x-rst 8Content-Type: text/x-rst
9Created: 18 Aug 2003 9Created: 18 Aug 2003
10 10Post-History: 22-Aug-2003, 24-Aug-2003, 10-Nov-2003, 25-Oct-2004
11Requires: 21
11 12
12Abstract 13Abstract
13======== 14========
14 15
15There is currently no automatic way to check a Gentoo system for identified 16There is currently no automatic way to check a Gentoo system for identified
16security holes or auto-apply security fixes. This GLEP proposes a way to deal 17security holes or auto-apply security fixes. This GLEP proposes a way to deal
17with this issue 18with this issue
19
20Status Update
21=============
22
23Preliminary implementation ``glsa-check`` in gentoolkit, final implementation
24pending set support in portage (GLEP 21).
18 25
19 26
20Motivation 27Motivation
21========== 28==========
22 29
30=============== 37===============
31 38
32Update tool 39Update tool
33----------- 40-----------
34 41
35The coding part of this GLEP is a update tool that reads a GLSA, checks if 42The coding part of this GLEP is a update tool that reads a GLSA, verifies its
36the system is affected by it and executes one of the following actions, depending 43GPG signature, checks if the system is affected by it and executes one of the
37on user preferences: 44following actions, depending on user preferences:
38 45
39- run all steps necessary to fix the security hole, including package updates and 46- run all steps necessary to fix the security hole, including package updates and
40 daemon restarts. 47 daemon restarts.
41- instruct the user how to fix the security hole. 48- instruct the user how to fix the security hole.
42- print the GLSA so the user can get more information if desired. 49- print the GLSA so the user can get more information if desired.
49----------- 56-----------
50 57
51The GLSA format needs to be specified, I suggest using XML for that to simplify 58The GLSA format needs to be specified, I suggest using XML for that to simplify
52parsing and later extensions. See `implementation`_ for a sample DTD. The format 59parsing and later extensions. See `implementation`_ for a sample DTD. The format
53has to be compatible with the update tool of course. If necessary a converter 60has to be compatible with the update tool of course. If necessary a converter
54tool or an editor could be written for people not comfortable with XML. 61tool or an editor could be written for people not comfortable with XML (update:
62a QT based editor for the GLSA format written by plasmaroo exists in the
63gentoo-projects repository). Every GLSA has to be GPG signed by the responsible
64developer, who has to be a member of the security herd.
55 65
56 66
57GLSA release process 67GLSA release process
58-------------------- 68--------------------
59 69
60Additional to sending the GLSA to the gentoo-announce mailing list it has to be 70Additional to sending the GLSA to the gentoo-announce mailing list it has to be
61stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should 71stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should
62be used to release a GLSA that will: 72be used to release a GLSA that will:
63 73
64- check the GLSA for correctness 74- check the GLSA for correctness
75- sign the GLSA with the developers GPG key
65- send a mail to gentoo-announce with the XML GLSA and a plaintext version attached 76- send a mail to gentoo-announce with the XML GLSA and a plaintext version attached
66- upload it to www.gentoo.org/glsa (or wherever they should be uploaded) 77- upload it to www.gentoo.org/security/en/glsa (via cvs commit)
67- put it on the rsync server 78- put it on the rsync server (via cvs commit)
68- notify the moderators on the forums to make an announcement 79- notify the moderators on the forums to make an announcement
69 80
70 81
71Portage changes 82Portage changes
72--------------- 83---------------
95Putting the GLSAs in the portage tree allows all users to check their systems 106Putting the GLSAs in the portage tree allows all users to check their systems
96for security updates without taking more actions and simplifies later integration 107for security updates without taking more actions and simplifies later integration
97of the update tool into portage. For security minded persons the GLSAs are 108of the update tool into portage. For security minded persons the GLSAs are
98available on a HTTP server to ease the load of the rsync servers. 109available on a HTTP server to ease the load of the rsync servers.
99 110
111To verify the signatures of the GLSAs the public keys of the developers should be
112available in the portage tree and on the HTTP server. The verification is necessary
113to prevent exploits by fake GLSAs.
114
100 115
101Implementation 116Implementation
102============== 117==============
103 118
104A prototype implementation (including the update tool, a DTD and a sample 119A prototype implementation (including the update tool, a DTD and a sample
105XMLified GLSA) exists at http://gentoo.devel-net.org/glsa/ . This GLEP is based 120XMLified GLSA) exists at http://gentoo.devel-net.org/glsa/ and in the
121gentoo-projects/gentoo-security/GLSA repository. This GLEP is based
106on that implementation, though it can be changed or rewritten if necessary. 122on that implementation, though it can be changed or rewritten if necessary.
107According to portage developers there is also already some support for this in
108portage.
109 123
110 124
111Backwards compatibility 125Backwards compatibility
112======================= 126=======================
113 127

Legend:
Removed from v.1.1  
changed lines
  Added in v.1.6

  ViewVC Help
Powered by ViewVC 1.1.20