--- xml/htdocs/proj/en/glep/glep-0058.html 2010/04/07 06:35:40 1.8 +++ xml/htdocs/proj/en/glep/glep-0058.html 2010/04/07 21:56:59 1.9 @@ -27,9 +27,9 @@ Title:Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest -Version:1.9 +Version:1.10 -Last-Modified:2010/04/07 06:35:16 +Last-Modified:2010/04/07 21:34:24 Author:Robin Hugh Johnson <robbat2 at gentoo.org>, @@ -155,10 +155,10 @@ packages, local.
  • If a directory contains a Manifest file, extract all relevant local files from it (presently: AUX, MISC, EBUILD; but should follow the -evolution of Manifest2 entry types per [#GLEP60]), and place them +evolution of Manifest2 entry types per [GLEP60]), and place them into the COVERED set.
  • Recursively add every file in the directory to the ALL set, -pursuant to the exclusion list as mentioned in [#GLEP60].
  • +pursuant to the exclusion list as mentioned in [GLEP60].
  • Produce a new set, UNCOVERED, as the set-difference (ALL)-(COVERED). @@ -180,17 +180,17 @@ tarball signing is sufficient.
  • For the future, the key used for fully automated signing by infra should not be on the same keyring as developer keys. See -[#GLEPxx+3] for further notes.
  • +[GLEPxx3] for further notes.

    Notes:

    -

    The above does not conflict the proposal contained in GLEP33, which +

    The above does not conflict the proposal contained in [GLEP33], which restructure eclasses to include subdirectories and Manifest files, as the Manifest rules above still provide indirect verification for all -files after the GLEP33 restructuring if it comes to pass.

    +files after the [GLEP33] restructuring if it comes to pass.

    Additional levels of Manifests are required, such as per-category, and in the eclasses, profiles and metadata directories. This ensures that a change to a singular file causes the smallest possible overall change in @@ -217,10 +217,10 @@

    In the following, I've used term 'M2-verify' to note following the hash verification procedures as defined by the Manifest2 format - which compromise checking the file length, and that the hashes match. Which -filetypes may be ignored on missing is discussed in [#GLEP60].

    +filetypes may be ignored on missing is discussed in [GLEP60].

    1. Check the GnuPG signature on the MetaManifest against the keyring of -automated Gentoo keys. See [#GLEPxx+3] for full details regarding +automated Gentoo keys. See [GLEPxx3] for full details regarding verification of GnuPG signatures. 1. Abort if the signature check fails.
    2. Check the Timestamp header. If it is significantly out of date @@ -252,9 +252,6 @@

    Notes:

    -
    -

    System Message: INFO/1 (glep-0058.txt, line 202); backlink

    -Duplicate implicit target name: "notes:".
    1. For initial implementations, it is acceptable to check EVERY item in the eclass and profiles directory, rather than tracking the exact @@ -286,7 +283,7 @@ validation.

      MetaManifest and the new Manifest2 filetypes

      -

      While [#GLEP60] describes the addition of new filetypes, these are NOT +

      While [GLEP60] describes the addition of new filetypes, these are NOT needed for implementation of the MetaManifest proposal. Without the new filetypes, all entries in the MetaManifest would be of type 'MISC'.

      @@ -364,16 +361,30 @@ http://www.cs.arizona.edu/people/justin/packagemanagersecurity/ - +
      - +
      [1]Future GLEP on Developer Process security.
      [GLEP33]Eclass Restructure/Redesign +http://www.gentoo.org/proj/en/glep/glep-0033.html
      - +
      - + + +
      [2]Future GLEP on GnuPG Policies and Handling.
      [GLEP60]Manifest2 filetypes +http://www.gentoo.org/proj/en/glep/glep-0044.html
      + + + + + +
      [GLEPxx2]Future GLEP on Developer Process security.
      + + + +
      [GLEPxx3]Future GLEP on GnuPG Policies and Handling.
    @@ -382,14 +393,14 @@

    Copyright (c) 2006-2010 by Robin Hugh Johnson. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v1.0.

    -

    vim: tw=72 ts=2 expandtab:

    +