/[gentoo]/xml/htdocs/proj/en/glep/glep-0057.txt
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0057.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.2 Revision 1.3
1GLEP: 57 1GLEP: 57
2Title: Security of distribution of Gentoo software - Overview 2Title: Security of distribution of Gentoo software - Overview
3Version: $Revision: 1.2 $ 3Version: $Revision: 1.3 $
4Last-Modified: $Date: 2008/10/28 07:45:07 $ 4Last-Modified: $Date: 2010/01/13 03:26:53 $
5Author: Robin Hugh Johnson <robbat2@gentoo.org> 5Author: Robin Hugh Johnson <robbat2@gentoo.org>
6Status: Draft 6Status: Draft
7Type: Informational 7Type: Informational
8Content-Type: text/x-rst 8Content-Type: text/x-rst
9Created: November 2005 9Created: November 2005
10Updated: May 2006, October 2006, Novemeber 2007, June 2008, July 2008, October 2008 10Updated: May 2006, October 2006, November 2007, June 2008, July 2008, October 2008, January 2010
11Post-History: 11Post-History: December 2009
12 12
13Abstract 13Abstract
14======== 14========
15This is the first in a series of 4 GLEPs. It aims to define the actors 15This is the first in a series of 4 GLEPs. It aims to define the actors
16and problems in the Gentoo software distribution process, with a strong 16and problems in the Gentoo software distribution process, with a strong
52 in portage, makes it trivial to modify or replace the existing 52 in portage, makes it trivial to modify or replace the existing
53 Manifests. 53 Manifests.
54 - Vulnerability of existing infrastructure to attacks. 54 - Vulnerability of existing infrastructure to attacks.
55 The previous two items make it possible for a skilled attacker to 55 The previous two items make it possible for a skilled attacker to
56 design an attack and then execute it against specific portions of 56 design an attack and then execute it against specific portions of
57 existing infrastructure (eg: Compromise a country-local rsync mirror, 57 existing infrastructure (e.g.: Compromise a country-local rsync
58 and totally replace a package and it's Manifest). 58 mirror, and totally replace a package and it's Manifest).
59 59
60Specification 60Specification
61============= 61=============
62Security is not something that can be considered in isolation. It is 62Security is not something that can be considered in isolation. It is
63both an ongoing holistic process and lessons learnt by examining 63both an ongoing holistic process and lessons learnt by examining
92 92
93Attacks may be conducted against any of these entities. Obviously 93Attacks may be conducted against any of these entities. Obviously
94direct attacks against Upstream and Users are outside of the scope of 94direct attacks against Upstream and Users are outside of the scope of
95this series of GLEPs as they are not in any way controlled or 95this series of GLEPs as they are not in any way controlled or
96controllable by Gentoo - however attacks using Gentoo as a conduit 96controllable by Gentoo - however attacks using Gentoo as a conduit
97(including malicous mirrors) must be considered. 97(including malicious mirrors) must be considered.
98 98
99Processes 99Processes
100--------- 100---------
101There are two major processes in the distribution of Gentoo, where 101There are two major processes in the distribution of Gentoo, where
102security needs to be implemented: 102security needs to be implemented:
303from Marius Mauch (genone). 303from Marius Mauch (genone).
304 304
3052008-04-03, gentoo-dev mailing list, "Re: Monthly Gentoo Council 3052008-04-03, gentoo-dev mailing list, "Re: Monthly Gentoo Council
306Reminder for April" - Ciaran McCreesh (ciaranm). A thread in which 306Reminder for April" - Ciaran McCreesh (ciaranm). A thread in which
307Ciaran reminds everybody that simply making all the developers sign the 307Ciaran reminds everybody that simply making all the developers sign the
308tree is not sufficent to prevent all attacks. 308tree is not sufficient to prevent all attacks.
309[ http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542 ] 309[ http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542 ]
310 310
3112008-07-01, gentoo-portage-dev mailing list, "proto-GLEPS for 3112008-07-01, gentoo-portage-dev mailing list, "proto-GLEPS for
312Tree-signing" - Robin H. Johnson (robbat2). Thread looking for review 312Tree-signing" - Robin H. Johnson (robbat2). Thread looking for review
313input from Portage developers. 313input from Portage developers.
337 Available online at: 337 Available online at:
338 http://www.cs.arizona.edu/people/justin/packagemanagersecurity/ 338 http://www.cs.arizona.edu/people/justin/packagemanagersecurity/
339 339
340Copyright 340Copyright
341========= 341=========
342Copyright (c) 2006 by Robin Hugh Johnson. This material may be 342Copyright (c) 2005-2010 by Robin Hugh Johnson. This material may be
343distributed only subject to the terms and conditions set forth in the 343distributed only subject to the terms and conditions set forth in the
344Open Publication License, v1.0. 344Open Publication License, v1.0.
345 345
346vim: tw=72 ts=2 expandtab: 346vim: tw=72 ts=2 expandtab:

Legend:
Removed from v.1.2  
changed lines
  Added in v.1.3

  ViewVC Help
Powered by ViewVC 1.1.20