[Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges
- From: mohan43u@xxxxxxxxx (Mohan R)
- Date: Fri Nov 20 01:03:10 2009
Rahul Sundaram wrote:
Sorry but there were no "bad signatures" anywhere. The detailed
explanation is at
http://www.redhat.com/archives/fedora-announce-list/2009-March/msg00010.html
"
The compromise was not the result of a software vulnerability, and as we
have previously stated, our investigation has revealed no such
vulnerabilities. Instead,
***the intruder took a copy of a SSH private key which was not secured
with a passphrase from a system outside the Fedora infrastructure. The
intruder then used that key, which belonged to a Fedora administrator,
to access Fedora systems***
In addition, based on system log sudo entries, we believe the intruder
also compromised that user's password.
The Fedora package signing key was present on a system to which the
intruder had access during the time of the event, but the results of
our investigation did not lead us to believe the intruder accessed the
key.
***The intruder used the account's privileges to build modified versions
of openssh and rpm. These packages would have allowed the intruder to
capture the passphrases of unwitting users on our build system, or the
passphrase used to secure the package signing key. With the signing
key's passphrase and access to that key, the intruder would have been
able to fraudulently sign packages.***
"
Rahul,
Even the Fedora administrator's SSH key can be
compromised/stolen/whatever, how can you guys put weight on
package-signatures and dropped privileges to install apps?
As jeff replied in the mail-thread, its a shame to your team. You guys
know well about the incident and still did this?. As mentioned in
slashdot, fedora team want (windows) dev crowd to use fedora. I'm sure
most of them are already using it. But compromising a known security
feature for them is meaningless.
In thief-cop game, cop will never win, but better cop will not give easy
way to thief to intrude/escape.
I'm stopping here, I can't speak much about fedora's internals/policies
because I'm yet to get oppertunity to work on it. Please take this as my
request, dont make fedora as another windowsxp, let fedora as fedora,
let linux as linux.
Thanks,
Mohan R.
Other related posts:
- » [Ilugc] Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Raman.P
- » [Ilugc] Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
- » [Ilugc] Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Salvadesswaran P.S.
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Mohan R
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges - Mohan R
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Mohan R
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Kapil Hari Paranjape
- » [Ilugc] Re: Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges- Rahul Sundaram
