Quick word about me: I've worked previously in Unix security for a financial 
services multinational. I'm an MSc candidate in Computer Security and Forensics 
and will be working for Illumos SoC on IKE this summer.

I'm happy to help sort this out.

Cheers,
Bayard

Begin forwarded message:

> From: Alasdair Lumsden <alasdai...@gmail.com>
> Date: 28 April 2011 12:20:03 GMT+01:00
> To: OpenIndiana Infrastructure mailing list <oi-in...@openindiana.org>
> Subject: Re: [oi-infra] distribution integrity measures
> 
> Hi Bayard,
> 
> Probably not - OI Infra is for those people looking after the server 
> instances, of which there aren't that many people at present.
> 
> I'd recommend re-posting to oi-dev!
> 
> Cheers,
> 
> Alasdair
> 
> On 28 Apr 2011, at 10:39, Bayard Bell wrote:
> 
>> Have I contacted the right list for this question?
>> 
>> On 23 Apr 2011, at 15:41, Bayard Bell <buffer.g.overf...@googlemail.com> 
>> wrote:
>> 
>>> I've been getting up to speed on OpenIndiana/Illumos, and one of the things 
>>> that's struck me so far is what I take to be gaps in distribution integrity 
>>> measures. I thought I'd start with oi-infra rather than oi-discuss, as this 
>>> list seems to have more direct ownership. This is a first post, so please 
>>> forgive me if this isn't the right forum.
>>> 
>>> What I've noticed is a number of variations on the basic problem that there 
>>> are quite a lot of opportunities to MITM downstream consumers via 
>>> name-service based attacks or, what is rather less of a risk, session 
>>> hijacking, creating risks of arbitrary content injection. My recollection 
>>> is that OpenSolaris signed packages and made extensive use of ssh keys to 
>>> provide mitigations, and there don't appear to be equivalent measures in 
>>> OpenIndiana release or package distribution and source mirrors, many of 
>>> which provide neither transport security nor signing. (Just to summarise 
>>> what I see: OpenIndiana packages aren't signed, the OpenIndiana mirror of 
>>> the Illumos source is only available by plain http, mirrors seem to rsync 
>>> unsigned content without transport security, and the checksums for the 
>>> distribution ISOs are only available by plain http.)
>>> 
>>> My question is more or less whether this is a known and accepted risk that 
>>> reflects where the project is in coming up to speed or something more of an 
>>> oversight.
>>> 
>>> Cheers,
>>> Bayard
>> 
>> _______________________________________________
>> oi-infra mailing list
>> oi-in...@openindiana.org
>> http://openindiana.org/mailman/listinfo/oi-infra
> 
> 

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Attachment: PGP.sig
Description: This is a digitally signed message part

_______________________________________________
oi-dev mailing list
oi-dev@openindiana.org
http://openindiana.org/mailman/listinfo/oi-dev
