On Thu, Aug 05, 2010 at 01:11:24PM -0600, Kevin Fenzi wrote: > On Wed, 04 Aug 2010 22:03:14 +0200 > Till Maas <opensource@xxxxxxxxx> wrote: > > The attack is quite trivial: > > 1) clone the git pkg Fedora repos > > 2) commit some nasty change > > 3) publish the repo on some server > > 4) if the victim wants to fetch from the Fedora pkg repo, use the MITM > > attack to make him fetch from the server set up in step 3. Steps 1-3 > > can obviously be done on-demand. > > > > If this is e.g. done on a conference / FUDCon / Fedora Action Day, the > > attack can easily targeted to make the change in step 2 be expected to > > be fast forward. E.g. if packages simply need to be bumped for a > > rebuild, a upload of a bad tarball and modification of the sources > > file might be unnoticed. > > Just to clarify, as this is a long thread: > > This only works if people are using git:// urls, not the default for > fedora ssh: ones, right? (provided you have connected before to > pkgs.fedoraproject.org and have the known_hosts entry?) Yes ssh is secure if used properly. To get the proper known_hosts entry, one has to download https://admin.fedoraproject.org/ssh_known_hosts btw. Regards Till
Attachment:
pgpoEvqSFkxPB.pgp
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
