On Mon, 2007-07-30 at 21:03 +0300, Panu Matilainen wrote:
> Yum could just as well support "yum install http://..../foo.rpm" :)
>
> Speaking of that, yum currently accesses package header before verifying
> the signature, at least in the case of localinstall. I've some fuzzed
> rpms here that cause rpm to segfault if signature checking is
> disabled as yum does... Dunno how exploitable that is in reality but there
> is a potential vulnerability there anyway.

1. Can I get a copy of those rpms?

2. I've heard about the aforementioned mythic case of an exploit but never
actually seen one. I could be wrong but I thought the case that was
dangerous was not if gpg signature checking was disabled but if header
checking in general was disabled.

Changing yum's opener for pkgs so it does so with hdr checking enabled is
pretty simple to do - however, it'd be nice if I had a replicating case to
check it out with.

Thanks,
-sv

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list