YUM security issues...

Mike McGrath mmcgrath at redhat.com
Fri Jul 25 16:35:39 UTC 2008



On Fri, 25 Jul 2008, Matt Domsch wrote:

> On Fri, Jul 25, 2008 at 10:43:59AM -0500, Mike McGrath wrote:
> > On Fri, 25 Jul 2008, Jesse Keating wrote:
> >
> > > On Fri, 2008-07-25 at 10:37 -0500, Mike McGrath wrote:
> > > >
> > > > AFAIK, this service is still in place and working fine.  Though I am a
> > > > little confused about the question.  It sounds like you'd like to direct
> > > > all subnet traffic to a specific mirror.  But you're also saying you took
> > > > your mirror down.  Are you worried people in your subnet are being
> > > > directed to a down mirror?
> > >
> > > More like taking over a subnet and directing all clients at a rogue
> > > mirror.
> >
> > <nod> that makes more sense.  Domsch?
>
> Yes, this is a known challenge with subnet delegation in
> MirrorManager.  We're trusting package signing (and soon, repodata
> signing) to prevent rogue mirrors from issuing unsigned data.  In
> addition, I'm working on adding in a way to prevent stale mirrors
> (with signed content) from being used.
>

Perhaps it might also be a good idea to add a comment to the default
yum.conf for gpgcheck explaining what a bad idea it is to set to 0.  I
could imagine people setting it to 0 not understanding what
they're doing.  Especially if they're familiar with gpg's encryption bits,
but not its signing functionality.

	-Mike
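
An added example, not part of the original message and not a Fedora or yum tool: a small audit that reports which repositories would install packages without a signature check, taking into account that a repo section inherits gpgcheck from [main]. The sample configuration and hostnames are constructed, and treating an unset gpgcheck as disabled is this example's assumption (adjustable through the hypothetical `unset_default` parameter).

```python
import configparser

# Constructed sample: a yum.conf [main] plus two repo sections (not from the thread).
SAMPLE = """\
[main]
gpgcheck=1

[fedora]
name=Fedora
mirrorlist=http://mirrors.example.invalid/list

[local-test]
name=Local test repo
baseurl=http://repo.example.invalid/
gpgcheck=0
"""

TRUE_VALUES = {"1", "yes", "true"}

def audit_gpgcheck(text, unset_default=False):
    """Return {repo_id: reason} for each repo whose packages would not be signature-checked.

    unset_default is what an unset gpgcheck is taken to mean (assumption: disabled).
    """
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)

    def as_bool(section):
        raw = cp.get(section, "gpgcheck", fallback=None)
        return None if raw is None else raw.strip().lower() in TRUE_VALUES

    main = as_bool("main") if cp.has_section("main") else None
    inherited = unset_default if main is None else main
    findings = {}
    for repo in cp.sections():
        if repo == "main":
            continue
        own = as_bool(repo)
        if own is False:
            findings[repo] = "gpgcheck disabled in repo section"
        elif own is None and not inherited:
            findings[repo] = "gpgcheck not set and [main] does not enable it"
    return findings

if __name__ == "__main__":
    for repo, reason in audit_gpgcheck(SAMPLE).items():
        print(f"{repo}: {reason}")
```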



