Daniel Sousa:

> On Sun, Aug 4, 2013 at 2:55 PM, Michael Stone <mst...@debian.org> wrote:
>
>> On Sun, Aug 04, 2013 at 10:12:40AM +0200, Heimo Stranner wrote:
>>
>>> I think the real issue is about if the malicious patch is not part of
>>> the source package
>>
>> Why? It certainly makes your argument simpler if you arbitrarily restrict
>> the problem set, but it isn't obvious that it makes sense. If I was going
>> to backdoor something, I'd just make an innocent-looking coding error that
>> would enable a successful exploit; I certainly wouldn't put in a commented
>> section of code that says "backdoor here". With sufficient effort it
>> wouldn't be hard to inject such a vulnerability that would go unnoticed for
>> years--and I'm not sure why that's less of an issue than someone making a
>> one-time build with a malicious patch that is not part of the source
>> package.
>
> First of all, they could apply that change (calling it a patch was not one
> of my greatest ideas) for every update they do; it's not necessarily a one-time
> thing. It's also much easier (and probably much more dangerous) to write
> some code that doesn't need to be cryptic: you can just write whatever you
> want instead of trying to find something that can pass as a mistake
> (although this seems a fun thing to do).
>
> Despite this, the most important reason is that I don't see any way to
> prevent that from happening, but we can prevent this. It's not easy and
> will take a lot of work, but at least it is theoretically possible.

Defeating the intentional non-obvious bug leading to a vulnerability? How do you defeat it in theory? Please elaborate.

> I don't have any experience on this and I would not know where to start (I
> haven't even done a Debian package, ever), but if there's any workgroup or
> anyone working on this, I would like to help.

--
Archive: http://lists.debian.org/51fec685.3020...@riseup.net