[Catalog-sig] repository security concerns

[Stuart Bishop]

 > uploaders will have a copy of their public keys stored
 > on the repository. a new distribution files should
 > have their checksums signed and uploaded as well. all
 > uploading should take place over ssl. a file, its
 > signature, and the public key of the uploader will be
 > made available for download for verification by the
 > end user or an automated tool.

There is a flaw here - if an attacker can corrupt a file
on the server or between the server and a client, they
can also do so with the developers key. Also, if I
download a trojan version of Numeric from the catalog,
it will still be signed by the key of the uploader and
perfectly valid. It would be impossible for the client
to know that the key belongs to a hacker.

It would be perfectly valid to reveal the SHA-1 hash
of a file, so that a client can confirm the validity
of a file *with a different mirror* to avoid using a
corrupt version. This would reduce attack points to
the master server that allows uploading of new files.

--
Stuart Bishop <zen@shangri-la.dropbear.id.au>
http://shangri-la.dropbear.id.au/