On Wed, Dec 30, 2015 at 07:38:35PM +0100, Björn Persson wrote:
> Tim Lauridsen wrote:
> > How do I handle a situation where someone, without my knowledge
> > uploads new sources to one of my projects. It could be a security
> > problem?
>
> While I trust that Francesco had only good intentions, the general
> question remains: Is it possible to modify a package without commit
> access by uploading a modified source tarball to the lookaside cache?
>
> Without commit access to Git the attacker couldn't edit the sources
> file, so – assuming that everything that uses the lookaside cache
> bothers to verify the checksum – the attacker would have to forge a
> tarball that has the same MD5 hash as the original. That is an attack
> on the second-preimage resistance of MD5.
>
> Practical collision attacks on MD5 have existed for more than a decade,
> but to the best of my knowledge no practical second-preimage attack is
> known yet. Thus it's probably not practically possible to do this at
> this time, except maybe to certain well-funded government agencies
> around the world, who may have made further advances attacking MD5 than
> the open cryptographic community has.
>
> But still, why are we still using MD5?

For the record bochecha has been leading the move away from md5 to sha,
making the changes in such a way that it will give us the flexibility to
later change from sha1 to sha256, sha512 or something else.

The problem being that there are quite a number of places to change
(dist-git, fedpkg...) which all have different upstreams and release
cycles.

So all in all, it's in progress but takes some time.

Pierre
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
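
The check discussed in the thread (a download from the lookaside cache is accepted only if it matches the digest pinned in the Git-tracked sources file), written so that the hash algorithm is a per-entry label plus a policy setting. This is an added example, not part of the original thread and not code from fedpkg or dist-git; the two line layouts, the file names, the legacy digest and the tarball bytes are constructed assumptions.

```python
import hashlib
import hmac
import re

# Assumed line layouts (the thread does not show the sources file):
#   tagged: "SHA512 (name) = <hex>"     legacy: "<32 hex chars>  name" (MD5)
TAGGED = re.compile(r"^(?P<algo>[A-Za-z0-9]+) \((?P<name>.+)\) = (?P<digest>[0-9a-fA-F]+)$")
LEGACY = re.compile(r"^(?P<digest>[0-9a-fA-F]{32})\s+(?P<name>\S.*)$")
ALLOWED = {"sha256", "sha512"}  # policy: can change without touching the parser


def parse_sources(text):
    """Return {filename: (algo, hexdigest)} from the contents of a sources file."""
    entries = {}
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = TAGGED.match(line)
        algo = m["algo"].lower() if m else "md5"
        m = m or LEGACY.match(line)
        if not m:
            raise ValueError(f"unparseable sources line: {line!r}")
        entries[m["name"]] = (algo, m["digest"].lower())
    return entries


def verify(name, data, entries, allowed=ALLOWED):
    """Check downloaded bytes against the pinned entry; return (ok, reason)."""
    if name not in entries:
        return False, "not listed in sources"
    algo, expected = entries[name]
    if algo not in allowed:
        # Refuse weak or unknown algorithms instead of silently trusting them.
        return False, f"{algo} not allowed by policy"
    actual = hashlib.new(algo, data).hexdigest()
    if not hmac.compare_digest(actual, expected):
        return False, "digest mismatch"
    return True, "ok"


# Constructed sample data: one tagged entry and one legacy MD5-style entry.
GOOD = b"constructed tarball bytes v1.0"
TAMPERED = GOOD + b" plus an unreviewed change"
SOURCES = (
    f"SHA512 (demo-1.0.tar.gz) = {hashlib.sha512(GOOD).hexdigest()}\n"
    "0123456789abcdef0123456789abcdef  legacy-1.0.tar.gz\n"
)

if __name__ == "__main__":
    pinned = parse_sources(SOURCES)
    for fname, blob in [("demo-1.0.tar.gz", GOOD), ("demo-1.0.tar.gz", TAMPERED),
                        ("legacy-1.0.tar.gz", GOOD)]:
        print(fname, verify(fname, blob, pinned))
```

Because the algorithm travels with each entry, moving to a stronger hash means rewriting the sources line and adjusting `ALLOWED`, not changing the verification code.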