security projects thoughts
Arno Hautala
arno at alum.wpi.edu
Mon Apr 18 07:03:53 PDT 2011
On Mon, Apr 18, 2011 at 09:55, Jeff Johnson <n3npq at mac.com> wrote:
>
>> So let's say you're for some reason using the MacPorts sudo instead of
>> the system shipped version (maybe the system version is out of date
>> and insecure). You're updating your ports at a cafe and someone spoofs
>> the update for the sudo port. With signed portfiles and packages they
>> can't [1]. With the current scheme, they can spoof the portfile and
>> replace the package source and hash.
>>
>
> Sure "Let's say ..." whatever. The answer is the same:
> If you are worried abt sudo in MacPorts as a threat vector, nuke it.
> There's no loss of functionality using the system sudo.
>
>> [1] Or at least they'd have to spoof the initial MacPorts
>> installation, but at least signed packages and portfiles have shut
>> down some exploit avenues.
>>
>
> How has the existence (or not) of digital signatures "shut down some exploits"?
> Which exploits? Name them please.
It's hard to name an exploit that can be mitigated when the idea is
shot down with "If you're worried about X, don't use X."
--
arno s hautala /-| arno at alum.wpi.edu
pgp b2c9d448
More information about the macports-dev
mailing list