| … | |
… | |
| 2 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
2 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| 3 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
3 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| 4 | |
4 | |
| 5 | <head> |
5 | <head> |
| 6 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
6 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
| 7 | <meta name="generator" content="Docutils 0.5: http://docutils.sourceforge.net/" /> |
7 | <meta name="generator" content="Docutils 0.6: http://docutils.sourceforge.net/" /> |
| 8 | <title>GLEP 57 -- Security of distribution of Gentoo software - Overview</title> |
8 | <title>GLEP 57 -- Security of distribution of Gentoo software - Overview</title> |
| 9 | <link rel="stylesheet" href="tools/glep.css" type="text/css" /></head> |
9 | <link rel="stylesheet" href="tools/glep.css" type="text/css" /></head> |
| 10 | <body bgcolor="white"> |
10 | <body bgcolor="white"> |
| 11 | <table class="navigation" cellpadding="0" cellspacing="0" |
11 | <table class="navigation" cellpadding="0" cellspacing="0" |
| 12 | width="100%" border="0"> |
12 | width="100%" border="0"> |
| … | |
… | |
| 25 | <tbody valign="top"> |
25 | <tbody valign="top"> |
| 26 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">57</td> |
26 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">57</td> |
| 27 | </tr> |
27 | </tr> |
| 28 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">Security of distribution of Gentoo software - Overview</td> |
28 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">Security of distribution of Gentoo software - Overview</td> |
| 29 | </tr> |
29 | </tr> |
| 30 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.2</td> |
30 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.3</td> |
| 31 | </tr> |
31 | </tr> |
| 32 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference external" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0057.txt?cvsroot=gentoo">2008/10/28 07:45:07</a></td> |
32 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference external" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0057.txt?cvsroot=gentoo">2010/01/13 03:26:53</a></td> |
| 33 | </tr> |
33 | </tr> |
| 34 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Robin Hugh Johnson <robbat2 at gentoo.org></td> |
34 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Robin Hugh Johnson <robbat2 at gentoo.org></td> |
| 35 | </tr> |
35 | </tr> |
| 36 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> |
36 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Final</td> |
| 37 | </tr> |
37 | </tr> |
| 38 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Informational</td> |
38 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Informational</td> |
| 39 | </tr> |
39 | </tr> |
| 40 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference external" href="glep-0002.html">text/x-rst</a></td> |
40 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference external" href="glep-0002.html">text/x-rst</a></td> |
| 41 | </tr> |
41 | </tr> |
| 42 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">November 2005</td> |
42 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">November 2005</td> |
| 43 | </tr> |
43 | </tr> |
| 44 | <tr class="field"><th class="field-name">Updated:</th><td class="field-body">May 2006, October 2006, Novemeber 2007, June 2008, July 2008, October 2008</td> |
44 | <tr class="field"><th class="field-name">Updated:</th><td class="field-body">May 2006, October 2006, November 2007, June 2008, July 2008, October 2008, January 2010</td> |
| 45 | </tr> |
45 | </tr> |
| 46 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body"></td> |
46 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">December 2009</td> |
|
|
47 | </tr> |
|
|
48 | <tr class="field"><th class="field-name">Approved:</th><td class="field-body">18 January 2010</td> |
| 47 | </tr> |
49 | </tr> |
| 48 | </tbody> |
50 | </tbody> |
| 49 | </table> |
51 | </table> |
| 50 | <hr /> |
52 | <hr /> |
| 51 | <div class="contents topic" id="contents"> |
53 | <div class="contents topic" id="contents"> |
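Review bot: the new Approved field (18 January 2010) postdates the Last-Modified timestamp on the same header (2010/01/13 03:26:53), so the source either records an approval date that had not yet occurred when the CVS keyword was last expanded, or was edited after that timestamp; confirm that the text regenerated here is the version committed after the council decision. The other header changes are consistent with each other: Status moves from Draft to Final, Version bumps from 1.2 to 1.3, the Updated list gains January 2010 and fixes "Novemeber", and Post-History now records the December 2009 review.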
| … | |
… | |
| 107 | in portage, makes it trivial to modify or replace the existing |
109 | in portage, makes it trivial to modify or replace the existing |
| 108 | Manifests.</li> |
110 | Manifests.</li> |
| 109 | <li>Vulnerability of existing infrastructure to attacks. |
111 | <li>Vulnerability of existing infrastructure to attacks. |
| 110 | The previous two items make it possible for a skilled attacker to |
112 | The previous two items make it possible for a skilled attacker to |
| 111 | design an attack and then execute it against specific portions of |
113 | design an attack and then execute it against specific portions of |
| 112 | existing infrastructure (eg: Compromise a country-local rsync mirror, |
114 | existing infrastructure (e.g.: Compromise a country-local rsync |
| 113 | and totally replace a package and it's Manifest).</li> |
115 | mirror, and totally replace a package and it's Manifest).</li> |
| 114 | </ul> |
116 | </ul> |
| 115 | </blockquote> |
117 | </blockquote> |
| 116 | </div> |
118 | </div> |
| 117 | <div class="section" id="specification"> |
119 | <div class="section" id="specification"> |
| 118 | <h1><a class="toc-backref" href="#id3">Specification</a></h1> |
120 | <h1><a class="toc-backref" href="#id3">Specification</a></h1> |
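Review bot: the wording fix in the rsync-mirror example ("eg:" to "e.g.:") leaves the same sentence's other error in place: "replace a package and it's Manifest" should read "its Manifest" (possessive), so the list item still carries a typo after the change.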
| … | |
… | |
| 151 | are not maintained by Gentoo Infrastructure.</p> |
153 | are not maintained by Gentoo Infrastructure.</p> |
| 152 | <p>Attacks may be conducted against any of these entities. Obviously |
154 | <p>Attacks may be conducted against any of these entities. Obviously |
| 153 | direct attacks against Upstream and Users are outside of the scope of |
155 | direct attacks against Upstream and Users are outside of the scope of |
| 154 | this series of GLEPs as they are not in any way controlled or |
156 | this series of GLEPs as they are not in any way controlled or |
| 155 | controllable by Gentoo - however attacks using Gentoo as a conduit |
157 | controllable by Gentoo - however attacks using Gentoo as a conduit |
| 156 | (including malicous mirrors) must be considered.</p> |
158 | (including malicious mirrors) must be considered.</p> |
| 157 | </div> |
159 | </div> |
| 158 | <div class="section" id="processes"> |
160 | <div class="section" id="processes"> |
| 159 | <h2><a class="toc-backref" href="#id5">Processes</a></h2> |
161 | <h2><a class="toc-backref" href="#id5">Processes</a></h2> |
| 160 | <p>There are two major processes in the distribution of Gentoo, where |
162 | <p>There are two major processes in the distribution of Gentoo, where |
| 161 | security needs to be implemented:</p> |
163 | security needs to be implemented:</p> |
| … | |
… | |
| 335 | Johnson (robbat2). First review thread for these GLEPs, many suggestions |
337 | Johnson (robbat2). First review thread for these GLEPs, many suggestions |
| 336 | from Marius Mauch (genone).</p> |
338 | from Marius Mauch (genone).</p> |
| 337 | <p>2008-04-03, gentoo-dev mailing list, "Re: Monthly Gentoo Council |
339 | <p>2008-04-03, gentoo-dev mailing list, "Re: Monthly Gentoo Council |
| 338 | Reminder for April" - Ciaran McCreesh (ciaranm). A thread in which |
340 | Reminder for April" - Ciaran McCreesh (ciaranm). A thread in which |
| 339 | Ciaran reminds everybody that simply making all the developers sign the |
341 | Ciaran reminds everybody that simply making all the developers sign the |
| 340 | tree is not sufficent to prevent all attacks. |
342 | tree is not sufficient to prevent all attacks. |
| 341 | [ <a class="reference external" href="http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542">http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542</a> ]</p> |
343 | [ <a class="reference external" href="http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542">http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542</a> ]</p> |
| 342 | <p>2008-07-01, gentoo-portage-dev mailing list, "proto-GLEPS for |
344 | <p>2008-07-01, gentoo-portage-dev mailing list, "proto-GLEPS for |
| 343 | Tree-signing" - Robin H. Johnson (robbat2). Thread looking for review |
345 | Tree-signing" - Robin H. Johnson (robbat2). Thread looking for review |
| 344 | input from Portage developers. |
346 | input from Portage developers. |
| 345 | [ <a class="reference external" href="http://thread.gmane.org/gmane.linux.gentoo.portage.devel/2686">http://thread.gmane.org/gmane.linux.gentoo.portage.devel/2686</a> ]</p> |
347 | [ <a class="reference external" href="http://thread.gmane.org/gmane.linux.gentoo.portage.devel/2686">http://thread.gmane.org/gmane.linux.gentoo.portage.devel/2686</a> ]</p> |
| … | |
… | |
| 368 | <a class="reference external" href="http://www.cs.arizona.edu/people/justin/packagemanagersecurity/">http://www.cs.arizona.edu/people/justin/packagemanagersecurity/</a></dd> |
370 | <a class="reference external" href="http://www.cs.arizona.edu/people/justin/packagemanagersecurity/">http://www.cs.arizona.edu/people/justin/packagemanagersecurity/</a></dd> |
| 369 | </dl> |
371 | </dl> |
| 370 | </div> |
372 | </div> |
| 371 | <div class="section" id="copyright"> |
373 | <div class="section" id="copyright"> |
| 372 | <h1><a class="toc-backref" href="#id12">Copyright</a></h1> |
374 | <h1><a class="toc-backref" href="#id12">Copyright</a></h1> |
| 373 | <p>Copyright (c) 2006 by Robin Hugh Johnson. This material may be |
375 | <p>Copyright (c) 2005-2010 by Robin Hugh Johnson. This material may be |
| 374 | distributed only subject to the terms and conditions set forth in the |
376 | distributed only subject to the terms and conditions set forth in the |
| 375 | Open Publication License, v1.0.</p> |
377 | Open Publication License, v1.0.</p> |
| 376 | <p>vim: tw=72 ts=2 expandtab:</p> |
378 | <p>vim: tw=72 ts=2 expandtab:</p> |
| 377 | </div> |
379 | </div> |
| 378 | |
380 | |
| 379 | </div> |
381 | </div> |
| 380 | <div class="footer"> |
382 | <div class="footer"> |
| 381 | <hr class="footer" /> |
383 | <hr class="footer" /> |
| 382 | <a class="reference external" href="glep-0057.txt">View document source</a>. |
384 | <a class="reference external" href="glep-0057.txt">View document source</a>. |
| 383 | Generated on: 2008-10-28 07:47 UTC. |
385 | Generated on: 2010-01-29 09:03 UTC. |
| 384 | Generated by <a class="reference external" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference external" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
386 | Generated by <a class="reference external" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference external" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
| 385 | |
387 | |
| 386 | </div> |
388 | </div> |
| 387 | </body> |
389 | </body> |
| 388 | </html> |
390 | </html> |
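Review bot: the vim modeline "vim: tw=72 ts=2 expandtab:" is unchanged by this revision but still renders as a visible paragraph at the end of the Copyright section; in the reStructuredText source it should be written as an RST comment (".. vim: tw=72 ts=2 expandtab:") so that Docutils drops it from the generated HTML. The copyright range change from 2006 to 2005-2010 is consistent with the Created field (November 2005) and the January 2010 approval recorded in the header.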