[Bug 804196] New: DRPM File Integrity against its MIME defines .DRPM File Extension as .RPM NOT DRPM
https://bugzilla.novell.com/show_bug.cgi?id=804196 https://bugzilla.novell.com/show_bug.cgi?id=804196#c0 Summary: DRPM File Integrity against its MIME defines .DRPM File Extension as .RPM NOT DRPM Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86-64 OS/Version: openSUSE 12.1 Status: NEW Severity: Major Priority: P5 - None Component: Update Problems AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: secure@aphofis.com QAContact: jsrain@suse.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0 aphofis.com must operate under the tightest security possible for me/us to keep clients happy and most test our own defences which are 3 stage hardware firewalls/UTM Devices. The problem with the .DRPM file extension is that its MIME file Integrity check shows the file as being an .RPM file. Its a bit like renaming a.EXE file to a .XML file in the hope to bypass security checks. The only way to accept a .DRPM file extension is to turn off File Integrity checks against ALL file types. The .DRPM files MUST REPORT A MIME integrity check that they are not .RPM in disguise. To do this you need to alter the .DRPM file type when compiling it so as to not report a .RPM file integrity. This is a very complex matter to solve but we cant just go one reporting a .DRPM file to be a renamed .RPM file. The following should assist you in tracking down the appropriate RFC that deals with File Integrity http://tldp.org/LDP/abs/html/filearchiv.html http://en.wikipedia.org/wiki/List_of_archive_formats Please ask me for any help or more examples or more reference docs about the RFC that defines File Integrity. I consider this a major problem as it goes to the heart of Data Security! Reproducible: Always Steps to Reproduce: 1.Please ask me for any help or more examples or more reference docs about the RFC that defines File Integrity. 2. 3. Actual Results: the DRPM file's access is denied against file Integrity checks Expected Results: Please ask me for any help or more examples or more reference docs about the RFC that defines File Integrity. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c2
Stanislav Brabec
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c3
--- Comment #3 from Stanislav Brabec
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c4
Stanislav Brabec
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c5
Scott Couston
Other possible solution:
Delete file added in comment 3.
Open file /usr/share/mime/packages/freedesktop.org.xml in text editor (as root).
Then find <mime-type type="application/x-rpm">.
Scroll about 20 lines below to: <glob pattern="*.rpm"/> and add line containing <glob pattern="*.drpm"/>
Then call: update-mime-database /usr/share/mime
If you use this solution, .drpm files will be recognized as RPM file.
Will one of these solutions fix your problem?
This is a basic fundamental flaw in the file type .RPM AND .DRPM. I am aware of the problem only because I use advanced security protection. I would not think that any other open user would be aware of this issue, however it is only a matter of time until Enterprise user will because aware of this fundamental flaw in the file type....and it is under theasae terms of reference that I can illustrate the flaw and show how the fix is not myself; the fix is in the codeing and compiling of most of the DRPM. files. Making changes as above may help the O/S BUT they will not fix the incorrect S/mime reply that only comes from level 7 of ALG TCP Data Packet analysis...See attached document please... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c6
--- Comment #6 from Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c7
Scott Couston
https://bugzilla.novell.com/show_bug.cgi?id=804196
https://bugzilla.novell.com/show_bug.cgi?id=804196#c8
--- Comment #8 from Scott Couston
participants (1)
-
bugzilla_noreply@novell.com