[pacman-dev] [PATCH] Remove support for SHA1 from pacman.
Dan McGee
dpmcgee at gmail.com
Thu Aug 16 08:27:57 EDT 2007
On 8/16/07, Andrew Fyfe <andrew at neptune-one.net> wrote:
> Aaron Griffin wrote:
> > On 8/15/07, Dan McGee <dpmcgee at gmail.com> wrote:
> >> What I really want to hear are thoughts on this issue. We are using
> >> md5sums for two main reasons- verification of package downloads, and
> >> determining whether a backup file has changed. With this in mind, I
> >> think md5 is sufficient to serve our needs.
> >>
> >> Please chime in on this.
> >
> > There is some history on this somewhere in these list archives. I'll
> > summarize my views because I don't want to figure out what thread that
> > was.
> >
> > a) The "md5 is insecure" argument doesn't hold water with archive
> > formats. Reproducing an md5sum with a malicious file requires that the
> > original file format supports null padding. All of the examples I've
> > seen used ps files as you can embed null padding to fluff the md5sum.
> > In our case, if you add some padding, it suddenly becomes a corrupt
> > archive. Corrupt archives are already checked for before extraction,
> > so if the md5sum matches AND it's corrupt, it's either a packager's
> > error, or malicious.
> > b) We are not using md5 for security. We are using it for integrity.
> > These are two totally different things. Instead of saying "I don't
> > trust you Mr Mirror", we're saying "I trust the DB file is correct,
> > did this download ok". See now there's a subtle problem with this
> > point. If we want to implicitly trust the DB files, then we need to
> > ensure where they come from. DB files on mirrors might not be
> > "trustable". /me shrugs
> >
> > But my opinions is thus: md5 is faster than sha1, and we're just
> > ensuring that we downloaded the file exactly as the server told us to.
> > We are not guaranteeing that it is super-duper secure. If we wanted
> > that, we'd sign packages. I vote md5
> >
> > _______________________________________________
> > pacman-dev mailing list
> > pacman-dev at archlinux.org
> > http://archlinux.org/mailman/listinfo/pacman-dev
> +1 here
>
> I've made a few tweaks to the patch...
> http://neptune-one.homeip.net/git?p=pacman;a=shortlog;h=ready_to_pull
The diffstat on that patch is exactly the same as the one that was in
this email. Has it really changed? I'm just referring to the "Remove
SHA1" patch, not the "cleanup MD5sum" one.
-Dan
More information about the pacman-dev
mailing list