[arch-general] Stronger Hashes for PKGBUILDs
Maxwell Anselm
silverhammermba at gmail.com
Mon Dec 5 21:03:32 UTC 2016
>
> Allan has already declared that he will not change the default
> makepkg.conf, on the grounds that #2 is the most likely scenario for
> people getting malicious packages.
> He also wants everyone to know that updpkgsums and makepkg are perfectly
> okay with maintainers changing the defaults, people who don't know there
> are defaults to change are probably not your best bet security-wise, and
> the only real security is either PGP or strong checksums posted by
> upstream on a second website.
> Also, that changing the defaults will encourage a false sense of
> security when people think that checksums have any validity in
> authentication.
>
The only change I can think of would be some way for the PKGBUILD to
distinguish between "official" checksums (to defend against all cases) and
"unofficial" checksums (to defend against #1 and #3). But that's a matter
for arch-dev-public.
More information about the arch-general
mailing list