Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] autorpm and latest secure files
  • From: Thomas Forbriger <thof@xxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 10 Aug 2000 21:25:12 +0200 (MEST)
  • Message-id: <Pine.LNX.4.10.10008102111370.387-100000@xxxxxxxxxxxx>
On Thu, 10 Aug 2000, Roman Drahtmueller wrote:

>
> The integrity problem that you mention is definitely not off-topic.
> :-)
>
> autorpm may be a bad idea unless the rpm packages are signed. This is
> planned for the near future in the SuSE distribution.

Well, maybe we are a bit paranoid since we had an incident this year. A hacker
hijacked one of our user accounts and left traces of actions undertaken to
gain root access. We discussed the aspect above several times...

So here is may question to the real experts:

What are the recomended steps to do security updates from FTP when there is no
PGP signature in the files? You know there was this incident with tripwire on
the dutch server that was hacked and trojaned as far as I remember. Is there a
reason to worry about somebody being able to hack and trojan the security
updates supplied via ftp AND to hack an change the md5 sums provided by SuSE
at the same time? Or is this coincidence too far from being probable?

Cheers,
Thomas

--
|--------------------------------------------------------------------------|
| Thomas Forbriger email: Thomas.Forbriger@xxxxxxxxxxxxxxxxxxxxxxxx |
| Universitaet Stuttgart - Institut fuer Geophysik |
| Richard-Wagner-Str. 44 D-70184 Stuttgart Germany |
| Tel ++49 (711) 121-3593 or 3422 or 3424 or 3590 | Fax ++49 (711) 2361218 |
| http://www.geophys.uni-stuttgart.de/thof |
| "... there's nothing more bizarre than reality..." (M. Kindermann) |


< Previous Next >
Follow Ups
References