[Yum] Security of yum rpms
Konstantin Riabitsev
icon at linux.duke.edu
Thu Oct 30 01:24:24 UTC 2003

On Thu, 2003-10-30 at 08:31, Simon Kitching wrote:
> In fact, the current approach really reminds me of Microsoft's approach
> to security: convenience first, safety later. I would prefer to see
> systems which are secure by default, with users *deliberately* having to
> weaken security if they want more convenience.

Ah, but see, this is really a double-edged sword. If a user installs a
vanilla distribution, which, say, contains a remote sshd exploit, and
they are not able to update to errata because, who knows, they are thick
and can't figure out what gpgcheck does, they will be rooted before they
have time to realize their mistake. In this case there is no "secure by
default" setting -- either way you do it, someone will be screwed.

On the other hand, repository poisoning will be discovered very quickly,
because all other yum installations that do gpgcheck=1 will throw hissy
fits over an unsigned or an incorrectly signed package.

It's up for debate, of course, but it seems to me that a box with no
errata applied is potentially much more of a problem. It's really hard
to judge which one is more grave.

Regards,
--
Konstantin Riabitsev <icon at linux.duke.edu>
Linux at DUKE