On Fri, 2009-01-02 at 12:03 +1030, Karl Goetz wrote:
> On Thu, 01 Jan 2009 20:18:05 -0500
> Ted Smith <[email protected]> wrote:
> 
> > On Fri, 2009-01-02 at 11:27 +1030, Karl Goetz wrote:
> > > On Thu, 01 Jan 2009 16:31:26 -0500
> > > Matthew Flaschen <[email protected]> wrote:
> > > 
> > > > Ted Smith wrote:
> > > > > On Thu, 2009-01-01 at 17:49 +0800, Koh Choon Lin wrote:
> > > > >>>> I noted in recent times, servers for distro like Fedora and
> > > > >>>> Debian were compromised by hackers. Are there some measures
> > > > >>>> taken for gNewSense after those incidents?
> > > > >> I actually meant to ask how the servers hosting gNewSense are
> > > > >> protected to insure against rootkits being inserted into the
> > > > >> distribution stream.
> > > > > 
> > > > > Well, all packages are PGP-signed, the preferred distribution
> > > > > method of the LiveCDs is BitTorrent (which is un-rootkitable),
> > > > > and the LiveCDs available for direct download are MD5sum'd
> > > > > (and the MD5sums are PGP-signed).
> > > > 
> > > > I agree.  The only things that really matter are:
> > > > 
> > > > 1. Using a secure hash (e.g. SHA-256).
> > > 
> > > Moving from MD5SUM to SHA???SUM would be < 10 line patch to Builder,
> > > IIRC.
> > > kk
> > 
> > That should be done ASAP. MD5 has been broken for a while and now it's
> > getting to the point of being really ridiculous. It could be there
> > still for people that are uncomfortable using SHA, but we definitely
> > need to have options more secure than MD5.
> 
> I'm sure Brian will accept patches.
> kk
> 
Ah, Matthew _just_ beat me (his email got to my inbox just as I started
typing this). So I'm adding his gpg line to my patch.

The attached diff against the svn adds a config array SUMLIST and a
scalar SUMFILE for the list of *sum programs to use and the file to put
the output in. This lets us update as future hash algorithms break
without going through and replacing "md5sum" every time. :)

While I can't test this myself (I don't have enough disk space to run
builder and not enough builder knowledge to just run the part of it), I
have tested my code alone and it works (as it should, since it's fairly
simple).

I've set SUMLIST to include md5sum, shasum, and sha512sum.
Index: stage-cd
===================================================================
--- stage-cd	(revision 222)
+++ stage-cd	(working copy)
@@ -30,9 +30,12 @@
 	tar -cf  $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION
 	cd $REPODST/cdimage
 	mv $LIVECDDIR-src/$DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar .
-	sed -i "/ $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar$/d" MD5SUMS
-	md5sum $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar >> MD5SUMS
+	sed -i "/ $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar$/d" $SUMFILE
+	for i in "${SUMLIST[*]}"
+	do
+	    $i $DISTRONAME_L-cdsource-$RELEASE-$LIVECD_VERSION.tar >> $SUMFILE
+	done
 fi
 cd $REPODST/cdimage
-gpg -u $SIGNINGKEY --clearsign MD5SUMS
-mv MD5SUMS.asc MD5SUMS.gpg
+
+gpg -u $SIGNINGKEY --detach-sign --armor --output ${SUMFILE}.gpg $SUMFILE
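Review bot: the loop header `for i in "${SUMLIST[*]}"` is wrong: quoting `[*]` joins the whole array into one word, so the loop body runs once with `$i` equal to `md5sum shasum sha512sum`, and after word splitting that invokes `md5sum` with `shasum` and `sha512sum` as extra file arguments (two "No such file" errors and only an MD5 line in `$SUMFILE`). Use `for i in "${SUMLIST[@]}"` so each program runs once. Separately, replacing `--clearsign` with `--detach-sign --armor` changes what `${SUMFILE}.gpg` is: it is now a detached signature over `$SUMFILE` rather than a self-contained signed copy of the sums, so anyone verifying must download both files and run `gpg --verify SUMS.gpg SUMS`; that change in the published artifacts should be called out in the commit message and in the download instructions.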
Index: gen-livecd
===================================================================
--- gen-livecd	(revision 222)
+++ gen-livecd	(working copy)
@@ -190,5 +190,8 @@
 # Here we stage the cd image
 cd $REPODST/cdimage
 btmakemetafile.bittornado http://torrent.$DOMAIN:6969/announce --announce_list "$BITTORRENT_ANNOUNCE_LIST" $LIVECD_ISO_PREFIX-livecd-$RELEASE-$LIVECD_VERSION.iso
-sed -i "/ $LIVECD_ISO_PREFIX-livecd-$LIVECD_VERSION.iso$/d" MD5SUMS || true  # Might not exist yet
-md5sum $LIVECD_ISO_PREFIX-livecd-$RELEASE-$LIVECD_VERSION.iso >> MD5SUMS
+sed -i "/ $LIVECD_ISO_PREFIX-livecd-$LIVECD_VERSION.iso$/d" $SUMFILE || true  # Might not exist yet
+for i in ${SUMLIST[*]}
+do
+    $i $LIVECD_ISO_PREFIX-livecd-$RELEASE-$LIVECD_VERSION.iso >> $SUMFILE
+done
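Review bot: the `sed` pattern here omits `$RELEASE` (`$LIVECD_ISO_PREFIX-livecd-$LIVECD_VERSION.iso`) while the lines appended by the sum programs name `$LIVECD_ISO_PREFIX-livecd-$RELEASE-$LIVECD_VERSION.iso`, so the delete never matches and stale entries accumulate in `$SUMFILE` on every rebuild. This is carried over from the removed line, but since the line is being rewritten anyway it should read `sed -i "/ $LIVECD_ISO_PREFIX-livecd-$RELEASE-$LIVECD_VERSION.iso$/d" $SUMFILE || true`. The unquoted `${SUMLIST[*]}` loop happens to work only because of word splitting; write it as `"${SUMLIST[@]}"` and use the same form in stage-cd.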
Index: config
===================================================================
--- config	(revision 222)
+++ config	(working copy)
@@ -117,3 +117,8 @@
 
 # Without this, the diff cleaning for gen-kernel will break. Probably affects other stuff too.
 LANG=C
+
+# List of *sum programs to use
+declare -a SUMLIST=("md5sum" "shasum" "sha512sum")
+# Where we're putting the output from the above
+SUMFILE="SUMS"
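Review bot: `shasum` with no `-a` option computes SHA-1, so this list adds SHA-1 rather than the SHA-256 suggested upthread; `sha256sum` from coreutils is the simpler choice and avoids a Perl dependency. Two further points for the same hunk: writing several algorithms into one `SUMS` file means `md5sum -c SUMS` (or `sha256sum -c SUMS`) will complain about the other algorithms' lines as improperly formatted, so either publish one file per algorithm (MD5SUMS, SHA256SUMS, ...) or document how to verify the combined file; and renaming MD5SUMS to SUMS silently breaks any existing download page or mirror script that references the old name.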


_______________________________________________
gNewSense-users mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/gnewsense-users
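The following bash script is an added example, not part of the patch above or of the Builder scripts it modifies. It shows the SUMLIST/SUMFILE scheme the patch introduces done with correct array iteration (`"${SUMLIST[@]}"`), plus the verification side that a mixed-algorithm sum file needs: each program's `-c` mode is fed only the lines with its own digest length. Assumptions: bash with GNU coreutils (`md5sum`, `sha256sum`, `sha512sum`, GNU `sed -i`), `sha256sum` in place of the patch's `shasum`, and a constructed sample file in a scratch directory.

```bash
#!/bin/bash
# Added example (not the project's code): build and verify a combined
# checksum file in the style of the patch's SUMLIST/SUMFILE config.
set -eu

# Assumed config values, mirroring the patch's config hunk but with
# sha256sum instead of shasum (shasum without -a computes SHA-1).
SUMLIST=("md5sum" "sha256sum" "sha512sum")
SUMFILE="SUMS"

# Append one line per program in SUMLIST for the given file, after removing
# any stale lines for that file (the same sed pattern the patch uses).
add_sums() {
    local file="$1" prog
    touch "$SUMFILE"                      # sed -i fails on a missing file
    sed -i "/ ${file}$/d" "$SUMFILE"      # GNU sed syntax (assumption)
    for prog in "${SUMLIST[@]}"; do       # [@] keeps each name a separate word
        "$prog" "$file" >> "$SUMFILE"
    done
}

# Number of lines in SUMFILE that refer to the given file name.
count_entries() {
    grep -c " $1\$" "$SUMFILE" || true
}

# Verify only the lines produced by one program. Lines are selected by digest
# length (MD5 = 32 hex chars, SHA-256 = 64, SHA-512 = 128) because
# "<prog> -c" rejects lines of a different algorithm as improperly formatted.
verify_with() {
    local prog="$1" hexlen
    case "$prog" in
        md5sum)    hexlen=32 ;;
        sha256sum) hexlen=64 ;;
        sha512sum) hexlen=128 ;;
        *) echo "unknown program: $prog" >&2; return 2 ;;
    esac
    grep -E "^[0-9a-f]{$hexlen} " "$SUMFILE" | "$prog" -c --status
}

# Demo on a constructed sample file in a scratch directory.
workdir="$(mktemp -d)"
cd "$workdir"
printf 'constructed sample image contents\n' > sample.iso
add_sums sample.iso
add_sums sample.iso   # re-running replaces the stale lines instead of duplicating them
echo "entries for sample.iso: $(count_entries sample.iso)"
verify_with sha256sum && echo "SHA-256 lines verify"
```

`verify_with` exits non-zero when a digest does not match the file on disk (or when `SUMS` has been altered), which is what `--status` is for; the signature on `SUMS` itself is a separate `gpg --verify` step that this example does not cover.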