[arch-general] Pointless to use non-md5 for makepkg INTEGRITY_CHECK

Aaron Schaefer aaron at elasticdog.com
Mon Jan 12 16:23:09 EST 2009


On Mon, Jan 12, 2009 at 3:35 PM, Aaron Griffin <aaronmgriffin at gmail.com> wrote:
> Haven't we been over this like a hundred times? md5sums are not used
> for security. Not ever. Nope. Nada.
>
> We use them solely to detect whether or not the download completed as
> expected. And sha256 is going way overboard here.

It has been discussed before, in fact, you said this back in November:

"The checksums in pacman are only used for integrity, not security. I
agree that the first step towards super-omg-secure packages would be
switching to a different checksum, but sha1 might be deemed insecure
soon too. Why not jump over that one to something like sha256?"

...so a month ago you didn't think sha256 was going overboard, and now
you do? I'd also make a semantics argument and say that if the
"integrity" of the package could possibly be compromised by the
creation of a malicious package with the same md5 checksum, then that
absolutely effects the "security" of our system...the two ideas are
not completely separate.

Of course I realize that changing the checksum does not add any
security benefits as far as package signing and all of that goes
(establishing a truly secure package distribution system is a much
bigger project), but it DOES eliminate one current vulnerability, and
on top of that it's extremely easy to make the change. What is the
downside?

--
Aaron "ElasticDog" Schaefer


More information about the arch-general mailing list