[SoaS] [Systems] File integrity (was: Re: mirror management system)
David Farning
dfarning at sugarlabs.org
Mon Oct 12 14:29:00 EDT 2009
On Mon, Oct 12, 2009 at 1:15 PM, Sascha Silbe
<sascha-ml-ui-sugar-systems at silbe.org> wrote:
> On Mon, Oct 12, 2009 at 12:11:46PM -0500, David Farning wrote:
>
>> 3. Security. We are going to have to consider that mirrors can be
>> hijacked. ISOs will have to be shipped with md5 hashes.
>
> MD5 is a very bad choice for authentication; it should be considered broken.
> SHA-1 is starting to "fail" as well (but currently fine); AFAIK SHA-256
> should be safe choice mid-term.
> If you only want to guard against technical failures (corrupted download),
> MD5 is still fine of course.
>
> CU Sascha
>
Sacha,
I guess it has been a few years since I have studied any security related stuff.
Would you mind:
1. Working with the SoaS team to set up a soas release process which
insures that all soas files which are going to be mirrored have a
'good hash'.
2. Working with alsroot to insure that activites.sugarlabs.org is
creating 'good hashes' which the installer check before installing a
bundle.
I'll leave it up to you to determine what a good hash is.
david
More information about the SoaS
mailing list