… | |
… | |
31 | <tbody valign="top"> |
31 | <tbody valign="top"> |
32 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">14</td> |
32 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">14</td> |
33 | </tr> |
33 | </tr> |
34 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">security updates based on GLSA</td> |
34 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">security updates based on GLSA</td> |
35 | </tr> |
35 | </tr> |
36 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.1</td> |
36 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.4</td> |
37 | </tr> |
37 | </tr> |
38 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0014.txt?cvsroot=gentoo">2003/08/22 15:00:55</a></td> |
38 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0014.txt?cvsroot=gentoo">2003/11/10 19:21:57</a></td> |
39 | </tr> |
39 | </tr> |
40 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Marius Mauch <genone at genone.de>,</td> |
40 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Marius Mauch <genone at genone.de>,</td> |
41 | </tr> |
41 | </tr> |
42 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> |
42 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Accepted</td> |
43 | </tr> |
43 | </tr> |
44 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> |
44 | <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td> |
45 | </tr> |
45 | </tr> |
46 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> |
46 | <tr class="field"><th class="field-name">Content-Type:</th><td class="field-body"><a class="reference" href="glep-0002.html">text/x-rst</a></td> |
47 | </tr> |
47 | </tr> |
48 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">18 Aug 2003</td> |
48 | <tr class="field"><th class="field-name">Created:</th><td class="field-body">18 Aug 2003</td> |
49 | </tr> |
49 | </tr> |
50 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">22-Aug-2003</td> |
50 | <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">22-Aug-2003, 24-Aug-2003, 10-Nov-2003</td> |
51 | </tr> |
51 | </tr> |
52 | </tbody> |
52 | </tbody> |
53 | </table> |
53 | </table> |
54 | <hr /> |
54 | <hr /> |
55 | <div class="contents topic" id="contents"> |
55 | <div class="contents topic" id="contents"> |
… | |
… | |
85 | </div> |
85 | </div> |
86 | <div class="section" id="proposed-change"> |
86 | <div class="section" id="proposed-change"> |
87 | <h1><a class="toc-backref" href="#id4" name="proposed-change">Proposed change</a></h1> |
87 | <h1><a class="toc-backref" href="#id4" name="proposed-change">Proposed change</a></h1> |
88 | <div class="section" id="update-tool"> |
88 | <div class="section" id="update-tool"> |
89 | <h2><a class="toc-backref" href="#id5" name="update-tool">Update tool</a></h2> |
89 | <h2><a class="toc-backref" href="#id5" name="update-tool">Update tool</a></h2> |
90 | <p>The coding part of this GLEP is a update tool that reads a GLSA, checks if |
90 | <p>The coding part of this GLEP is a update tool that reads a GLSA, verifies its |
91 | the system is affected by it and executes one of the following actions, depending |
91 | GPG signature, checks if the system is affected by it and executes one of the |
92 | on user preferences:</p> |
92 | following actions, depending on user preferences:</p> |
93 | <ul class="simple"> |
93 | <ul class="simple"> |
94 | <li>run all steps necessary to fix the security hole, including package updates and |
94 | <li>run all steps necessary to fix the security hole, including package updates and |
95 | daemon restarts.</li> |
95 | daemon restarts.</li> |
96 | <li>instruct the user how to fix the security hole.</li> |
96 | <li>instruct the user how to fix the security hole.</li> |
97 | <li>print the GLSA so the user can get more information if desired.</li> |
97 | <li>print the GLSA so the user can get more information if desired.</li> |
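Review bot: the revised first paragraph adds that the tool "verifies its GPG signature", but none of the three listed actions covers the failure case, so it is unclear whether a GLSA with a missing or invalid signature is still printed, explained, or acted on. State explicitly that such a GLSA is rejected before any of the listed actions runs, because an advisory that fails verification yet is still displayed as if authoritative can mislead the user into applying it. Minor: "a update tool" should read "an update tool".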
… | |
… | |
102 | <div class="section" id="glsa-format"> |
102 | <div class="section" id="glsa-format"> |
103 | <h2><a class="toc-backref" href="#id6" name="glsa-format">GLSA format</a></h2> |
103 | <h2><a class="toc-backref" href="#id6" name="glsa-format">GLSA format</a></h2> |
104 | <p>The GLSA format needs to be specified, I suggest using XML for that to simplify |
104 | <p>The GLSA format needs to be specified, I suggest using XML for that to simplify |
105 | parsing and later extensions. See <a class="reference" href="#implementation">implementation</a> for a sample DTD. The format |
105 | parsing and later extensions. See <a class="reference" href="#implementation">implementation</a> for a sample DTD. The format |
106 | has to be compatible with the update tool of course. If necessary a converter |
106 | has to be compatible with the update tool of course. If necessary a converter |
107 | tool or an editor could be written for people not comfortable with XML.</p> |
107 | tool or an editor could be written for people not comfortable with XML (update: |
|
|
108 | a QT based editor for the GLSA format written by plasmaroo exists in the |
|
|
109 | gentoo-projects repository). Every GLSA has to be GPG signed by the responsible |
|
|
110 | developer, who has to be a member of the security herd.</p> |
108 | </div> |
111 | </div> |
109 | <div class="section" id="glsa-release-process"> |
112 | <div class="section" id="glsa-release-process"> |
110 | <h2><a class="toc-backref" href="#id7" name="glsa-release-process">GLSA release process</a></h2> |
113 | <h2><a class="toc-backref" href="#id7" name="glsa-release-process">GLSA release process</a></h2> |
111 | <p>Additional to sending the GLSA to the gentoo-announce mailing list it has to be |
114 | <p>Additional to sending the GLSA to the gentoo-announce mailing list it has to be |
112 | stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should |
115 | stored on a HTTP/FTP server and in the portage tree. I'd suggest a script should |
113 | be used to release a GLSA that will:</p> |
116 | be used to release a GLSA that will:</p> |
114 | <ul class="simple"> |
117 | <ul class="simple"> |
115 | <li>check the GLSA for correctness</li> |
118 | <li>check the GLSA for correctness</li> |
|
|
119 | <li>sign the GLSA with the developers GPG key</li> |
116 | <li>send a mail to gentoo-announce with the XML GLSA and a plaintext version attached</li> |
120 | <li>send a mail to gentoo-announce with the XML GLSA and a plaintext version attached</li> |
117 | <li>upload it to www.gentoo.org/glsa (or wherever they should be uploaded)</li> |
121 | <li>upload it to www.gentoo.org/security/en/glsa (via cvs commit)</li> |
118 | <li>put it on the rsync server</li> |
122 | <li>put it on the rsync server (via cvs commit)</li> |
119 | <li>notify the moderators on the forums to make an announcement</li> |
123 | <li>notify the moderators on the forums to make an announcement</li> |
120 | </ul> |
124 | </ul> |
121 | </div> |
125 | </div> |
122 | <div class="section" id="portage-changes"> |
126 | <div class="section" id="portage-changes"> |
123 | <h2><a class="toc-backref" href="#id8" name="portage-changes">Portage changes</a></h2> |
127 | <h2><a class="toc-backref" href="#id8" name="portage-changes">Portage changes</a></h2> |
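Review bot: in the release-process list the new step "sign the GLSA with the developers GPG key" signs the XML, yet the following step mails gentoo-announce "the XML GLSA and a plaintext version attached"; the plaintext attachment is therefore unsigned and list readers cannot verify it. Either sign the plaintext version as well or state that the XML is the authoritative, verifiable artifact. The GLSA-format paragraph also now requires the signer to be "a member of the security herd"; the release script (and the update tool) should enforce that by accepting only keys from that set rather than leaving it as a policy statement. Minor: "developers GPG key" should be "developer's GPG key".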
… | |
… | |
142 | </ul> |
146 | </ul> |
143 | <p>Putting the GLSAs in the portage tree allows all users to check their systems |
147 | <p>Putting the GLSAs in the portage tree allows all users to check their systems |
144 | for security updates without taking more actions and simplifies later integration |
148 | for security updates without taking more actions and simplifies later integration |
145 | of the update tool into portage. For security minded persons the GLSAs are |
149 | of the update tool into portage. For security minded persons the GLSAs are |
146 | available on a HTTP server to ease the load of the rsync servers.</p> |
150 | available on a HTTP server to ease the load of the rsync servers.</p> |
|
|
151 | <p>To verify the signatures of the GLSAs the public keys of the developers should be |
|
|
152 | available in the portage tree and on the HTTP server. The verification is necessary |
|
|
153 | to prevent exploits by fake GLSAs.</p> |
147 | </div> |
154 | </div> |
148 | <div class="section" id="implementation"> |
155 | <div class="section" id="implementation"> |
149 | <h1><a class="toc-backref" href="#id10" name="implementation">Implementation</a></h1> |
156 | <h1><a class="toc-backref" href="#id10" name="implementation">Implementation</a></h1> |
150 | <p>A prototype implementation (including the update tool, a DTD and a sample |
157 | <p>A prototype implementation (including the update tool, a DTD and a sample |
151 | XMLified GLSA) exists at <a class="reference" href="http://gentoo.devel-net.org/glsa/">http://gentoo.devel-net.org/glsa/</a> . This GLEP is based |
158 | XMLified GLSA) exists at <a class="reference" href="http://gentoo.devel-net.org/glsa/">http://gentoo.devel-net.org/glsa/</a> and in the |
|
|
159 | gentoo-projects/gentoo-security/GLSA repository. This GLEP is based |
152 | on that implementation, though it can be changed or rewritten if necessary. |
160 | on that implementation, though it can be changed or rewritten if necessary.</p> |
153 | According to portage developers there is also already some support for this in |
|
|
154 | portage.</p> |
|
|
155 | </div> |
161 | </div> |
156 | <div class="section" id="backwards-compatibility"> |
162 | <div class="section" id="backwards-compatibility"> |
157 | <h1><a class="toc-backref" href="#id11" name="backwards-compatibility">Backwards compatibility</a></h1> |
163 | <h1><a class="toc-backref" href="#id11" name="backwards-compatibility">Backwards compatibility</a></h1> |
158 | <p>The current <a class="reference" href="#glsa-release-process">GLSA release process</a> needs to be replaced with this proposal. It |
164 | <p>The current <a class="reference" href="#glsa-release-process">GLSA release process</a> needs to be replaced with this proposal. It |
159 | would be nice if old GLSAs would be transformed into XML as well, but that is |
165 | would be nice if old GLSAs would be transformed into XML as well, but that is |
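Review bot: the paragraph added to Portage changes distributes the developers' public keys through the same channels as the GLSAs themselves (the portage tree via rsync, and the HTTP server). Whoever can replace a GLSA on a mirror can then also replace the key it was signed with, so the check as described defends only against tampering with the GLSA file alone. Anchor trust out of band: ship the accepted key fingerprints with the update tool or a release medium, restrict acceptance to security herd members' keys as the GLSA format section requires, and say how a compromised or retired key is revoked. Separately, the Implementation hunk drops the sentence about existing support in portage; if that support still exists, keep a pointer to it, otherwise the removal is fine.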
… | |
… | |
166 | </div> |
172 | </div> |
167 | |
173 | |
168 | <hr class="footer"/> |
174 | <hr class="footer"/> |
169 | <div class="footer"> |
175 | <div class="footer"> |
170 | <a class="reference" href="glep-0014.txt">View document source</a>. |
176 | <a class="reference" href="glep-0014.txt">View document source</a>. |
171 | Generated on: 2003-08-22 15:08 UTC. |
177 | Generated on: 2003-11-10 19:22 UTC. |
172 | Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
178 | Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
173 | </div> |
179 | </div> |
174 | </body> |
180 | </body> |
175 | </html> |
181 | </html> |
176 | |
182 | |