[clc-devel] httpup repositories and unmaintained (next try) [long]

Johannes Winkelmann jw at tks6.net
Tue Aug 24 10:56:48 UTC 2004


Hey,

On Tue, Aug 24, 2004 at 12:50:52 +0300, Jukka Heino wrote:
> Hi,
> 
> Since discussion seems to be dying out and the solution Johannes 
> suggested could apparently only improve the current situation of rotting 
> unmaintained ports and decentralized repositories, I propose we start 
> implementing the 'people' collection if no one has anything major 
> against it.
Actually, I asked Per about his opinion and he mentioned that there's a
servere security risk: if someone puts something malicious into a
Pkgfile like the following:

--- quote ---
name=xyz
version=1000
release=1
rm -rf /

build() {
    ...
}
--- /quote --

A simple 'ports -d' would be sufficient to make you appreciate your
backups. Obviously, this can be done in a private repository as well,
but with a central big collection with somewhat implied trust (since
it's controlled by CLC after all), we'd simplify such an attack a lot.

There are a few solutions which come to mind, but all terminate the goal
of "no access restrictions":
- only accept repos from known persons
- require a GnuPG signatures conforming to a yet-to-be-defined level of
  trust

So I guess we have to reconsider the situation, and maybe try to arrange
a get together to discuss this and further issues.

Kind regards, 
Johannes
-- 
Johannes Winkelmann              mailto:jw at tks6.net
Bern, Switzerland                http://jw.tks6.net



More information about the crux-devel mailing list