Shawn Walker wrote:
On 01/13/10 05:58 PM, Chris Gerhard wrote:
On 13/01/2010 23:40, Shawn Walker wrote:
On 01/13/10 05:35 PM, Chris Gerhard wrote:
Thanks. Are there plans to allow users to use the sha1 check? I can see
all sorts of confusion when audits find files on systems that are
supposed to be identical are different yet the pkg system does not
report it.
That's what pkg verify is for.
I don't understand. I certainly did not trust pkg verify over a cmp of
the files and would not expect anyone to unless it is documented in
very big letters.
If the system's security had been compromised pkg verify would report no
problem as the hacker would make sure of it.
The same is true if the hacker compromised the other tools you were
using to audit it. What's the difference between maliciously modifying
pkg and maliciously modifying your other auditing tools?
Hence the importance of the bits being the same. Copying the suspicious
file to a known good system to verify is often the first thing to do. My
concern is that this is going to cause security alarms to go off when
there is nothing wrong.
You're also aware that you can nfs mount the filesystem from a known
good box and then use pkg verify from there, right?
I'm sure there are lots of things you can do in this case.
Yet the binaries are different. How this is not going to lead to
confusion or worse I can't imagine.
The tradeoff is that there is a significant reduction in total bytes
transferred during updates since binaries that haven't effectively
changed don't get updated.
Speaking as a user that operated for many months on a very limited
bandwidth cap in Australia, I sincerely prefer the current behaviour.
I understand the trade off. The problem is that this is not documented
and not the expected behaviour. If you have 2 systems running the same
OS you expect the bits on the disk to be the same.
That won't be true for enterprise customers. They will have local repo
with Gigabit bandwidth or we fail.
My concern as someone who works in support is that this will generate
fire drills and customer calls. The manual for pkg verify should sing
out that it does not always use the sha1 to do a full verification.
--
Chris Gerhard. __o __o __o
Systems TSC, Sun Service _`\<,`\<,`\<,_
Sun Microsystems Limited (*)/---/---/ (*)
Phone: +44 (0) 1252 426033 (ext 26033) http://blogs.sun.com/chrisg
_______________________________________________
pkg-discuss mailing list
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss