[Yum] Security of yum rpms

Simon Kitching simon at ecnetwork.co.nz
Wed Oct 29 22:36:53 UTC 2003


Hi,

I'm concerned that installing the yum rpm sets up a yum.conf file that
points to duke.edu, and a cron job to run it.

If anyone should crack the duke yum repository, installing a trojan rpm
of, say, glibc with an updated version number, then every system that
has ever installed yum and not disabled the duke url would be cracked
that night when the cron job runs.

In fact, it's just as well we trust you, Seth; you could own a whole lot
of Linux boxes very quickly if you should wish to :-)

I suggest the yum rpm be modified so:
* it doesn't set up the cron job by default
* the yum.conf file has all servers commented out.

Alternatively, rpm signing could be enabled instead:
* run "gpg --install /usr/share/rhn/RPM-GPG-KEY"
* have the yum.conf file always set gpgcheck=1
This would at least ensure that if a cracker installed a trojan in the
duke yum repository, it would be rejected due to invalid signature.


Thoughts?

Regards,

Simon
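
Added example, not part of the original message or of yum itself: a small audit of yum.conf-style text that lists every enabled repository section where the gpgcheck setting discussed above is not in effect. The sample configuration, repository names and URLs are constructed placeholders, and the fallback rules (an unset gpgcheck counts as off, [main] supplies the default) are assumptions.

```python
import configparser

# Constructed sample in yum.conf style; repo names and URLs are placeholders.
SAMPLE_CONF = """\
[main]
cachedir=/var/cache/yum

[base]
baseurl=http://mirror.example.invalid/base/
gpgcheck=1

[updates]
baseurl=http://mirror.example.invalid/updates/

[testing]
baseurl=http://mirror.example.invalid/testing/
gpgcheck=0

#[extras]
#baseurl=http://mirror.example.invalid/extras/
"""

TRUE_VALUES = {"1", "yes", "true", "on"}


def audit_yum_conf(text):
    """Return {repo: reason} for every enabled repo without signature checking."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    # Assumption: an unset gpgcheck means "off", and [main] supplies the default.
    main_default = cp.get("main", "gpgcheck", fallback="0")
    findings = {}
    for repo in cp.sections():
        if repo == "main":
            continue
        if cp.get(repo, "enabled", fallback="1").strip().lower() not in TRUE_VALUES:
            continue  # disabled repos are never fetched from
        if cp.has_option(repo, "gpgcheck"):
            value, origin = cp.get(repo, "gpgcheck"), "set in [%s]" % repo
        else:
            value, origin = main_default, "inherited default"
        if value.strip().lower() not in TRUE_VALUES:
            findings[repo] = "gpgcheck=%s (%s)" % (value.strip(), origin)
    return findings


if __name__ == "__main__":
    for repo, reason in audit_yum_conf(SAMPLE_CONF).items():
        print("signature check off for [%s]: %s" % (repo, reason))
```

Commented-out sections such as [extras] in the sample are ignored by the parser, which matches the "all servers commented out" suggestion: nothing is fetched from them, so they produce no finding.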



