[packagekit] 1-click; Third party vendors; etc.
dawg
dirTdogE at Gmail.com
Mon Jun 2 06:10:53 PDT 2008
Correct me if I'm wrong: the prompt to import a key is presented only
after the user attempts to download software from that respective
repository, right? Or am I mis-remembering?
If that is the case, it could be useful to force the import when the
repository is added to the software sources list. At least in that case,
the user knows exactly what it is for, and that it is (theoretically)
safe. On the other hand, if the key changes for some reason, it could
then prompt the user with a big (very) scary message to ask for approval
of the new key.
Nate
Patryk Zawadzki wrote:
> On Mon, Jun 2, 2008 at 2:12 PM, Benji Weber <benji at opensuse.org> wrote:
>
>> b) It is not the easiest attack vector.
>>
>> If you wanted to do something malicious to a users' machine, why would
>> you utilise a process that requires the user to trust your identity
>> and be presented with warnings telling them that it is potentially a
>> bad idea? It is considerably easier to get users to execute arbitrary
>> binaries.
>>
>
> It will be the easiest attack vector as soon as users learn to just
> blindly click any 1-click-install button they can find. "Sure it has
> to be secure, it even gives some messages about security. Just click
> next."
>
> The other problem: imagine a third party repo being compromised. What
> can you do? How will you know? You probably read all the news related
> to your distro but do you follow all the FLOSS project pages? How can
> you detect and undo `rpm --import /tmp/hax0red.key` done in a
> legitimate looking rpm's %post?
>
> Plus I still don't get why it's ultimately better to get upstream
> packaging software for any distro. Not that any project has developers
> running all the available Linux flavors in all (un-)stable versions.
> The end result is foobuntu (no pun intended, insert any non-mainstream
> distro here) developers ignore a 0-day SCE as they do not ship said
> package while their users feel safe (no foobuntu SCE this month)
> running exploitable software.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/packagekit/attachments/20080602/ced38fb1/attachment-0003.htm>
More information about the PackageKit
mailing list