Improving availability and guaranteeing integrity in ISO - internal sha1sums
David Timms
dtimms at iinet.net.au
Mon Jun 11 13:12:13 UTC 2007
Olivier Galibert wrote:
> On Sun, Jun 10, 2007 at 02:31:51PM +1000, David Timms wrote:
>> I am not sure how you do that - how can you include inside a piece of
>> data a checksum that uses the data {including itself} to calculate the
>> checksum ?
>
> Standard method is "zero the checksum area, compute the checksum,
> write it". At verification time, copy the checksum area in memory,
> zero it and compute the checksum.

Ok, makes sense now how it actually works. An error in the
checksum implanted or the data will be detected, but not the case where
an attacker modifies a file, and re-embeds the matching checksum. That's
why the necessity of the external sha1sum and signing.

I've read in f-l and seen myself where "tested good" cd/dvds {media
check} that fail during installation when trying to read a particular
rpm. Once sha1sum are on the iso, helping the user get to the definite
problem {and making them believe it} would be as simple as getting them
to run sha1sum -c failing....rpm or a nicer checksumming app.

I also see the other side where media fails the test, but works without
error for what the user is installing.

The cost of inserting this info would be pretty minimal - just an extra
step in the iso spin process. As Till suggests elsewhere in this thread:

    find -type f -print0 | xargs -0 sha1sum >../SHA1SUM
    ...
    154cbac962cf0e04ffd3163b6526fa8190df1299 ./stylesheet-images/titlepage.png
    235e0b26cdc5a41c6d9b58ee57dd665c42611d79 ./stylesheet-images/warning.png

    real 1m10.209s
    user 0m24.258s
    sys 0m6.452s

size:
    -rw-r--r-- 1 root root 145080 Jun 11 21:44 SHA1SUM.txt

The resultant SHA1SUM file is acceptable to "sha1sum -c ../SHA1SUM"
{My iso is mounted, not the actual source files, so I can't write to the
correct location - hence the ../}.

Since it would probably be more useful for a media contents test script
to work from multiple places:
- a running Fedora system
- rescue iso
- dvd iso - linux rescue
- {from another OS - could include dos/win
ftp://ftp.gnupg.org/gcrypt/binary/sha1sum.exe}

Perhaps it is best to be as simple as possible, rather than python as I
first suggested -> bash script: attached. Since scrollback through 1800
files might not be possible, it directs the output to the user's home
directory, and uses the return value to state either ~good or ~bad with
these files bad or missing.

This could become standard practice on any iso fedora produces {ie
including rescue and live}.

DaveT.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: verify_media_accessibility.sh
Type: application/x-shellscript
Size: 613 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070611/235d0931/attachment.bin>
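
The workflow described in the message (build a SHA1SUM list at spin time, then check mounted media against it, log per-file results and return good/bad with the failing files) is sketched below as an added example. It is not the scrubbed attachment or any Fedora script; the function names, the log path and the BAD_FILES / MISSING_FILES variables are assumptions, and it relies only on sha1sum, find, xargs and sed.

```shell
#!/bin/sh
# Added example, not the scrubbed attachment. Function names, the log path and
# the BAD_FILES / MISSING_FILES variables are assumptions made for illustration.

# make_sums MEDIA_ROOT OUTFILE
# The find | xargs sha1sum step from the message. OUTFILE must be an absolute
# path outside MEDIA_ROOT, otherwise the list would try to checksum itself.
make_sums() {
    ( cd "$1" && find . -type f -print0 | xargs -0 sha1sum ) >"$2"
}

# verify_media MEDIA_ROOT SUMFILE [LOGFILE]
# Returns 0 = good, 1 = bad or missing files, 2 = check could not be run.
verify_media() {
    root=$1 sums=$2 log=${3:-$HOME/media_check.log}
    [ -d "$root" ] && [ -r "$sums" ] || return 2
    case $sums in /*) ;; *) sums=$PWD/$sums ;; esac   # survive the cd below
    # Per-file results go to the log: ~1800 lines will not fit in scrollback.
    # stderr is dropped; every unreadable file also gets a FAILED line on stdout.
    ( cd "$root" && LC_ALL=C sha1sum -c "$sums" ) >"$log" 2>/dev/null
    status=$?
    nl='
'
    BAD_FILES= MISSING_FILES=
    # A FAILED line means either a content mismatch or an unreadable file;
    # tell them apart by checking whether the file is present on the media.
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        if [ -e "$root/$f" ]; then
            BAD_FILES=${BAD_FILES:+$BAD_FILES$nl}$f
        else
            MISSING_FILES=${MISSING_FILES:+$MISSING_FILES$nl}$f
        fi
    done <<EOF
$(sed -n 's/: FAILED.*$//p' "$log")
EOF
    if [ "$status" -eq 0 ]; then
        echo "media GOOD (details: $log)"; return 0
    fi
    # Non-zero exit with no FAILED lines: the list itself was unusable.
    [ -n "$BAD_FILES$MISSING_FILES" ] || return 2
    echo "media BAD (details: $log)"
    [ -z "$BAD_FILES" ] || printf 'bad: %s\n' "$BAD_FILES"
    [ -z "$MISSING_FILES" ] || printf 'missing: %s\n' "$MISSING_FILES"
    return 1
}
```

As the message notes, a list stored on the media only catches accidental damage; the list itself still has to be compared against the externally published, signed checksum before its results say anything about tampering.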