[Systems] File integrity (was: Re: mirror management system)

David Farning dfarning at sugarlabs.org
Mon Oct 12 14:29:00 EDT 2009


On Mon, Oct 12, 2009 at 1:15 PM, Sascha Silbe
<sascha-ml-ui-sugar-systems at silbe.org> wrote:
> On Mon, Oct 12, 2009 at 12:11:46PM -0500, David Farning wrote:
>
>> 3. Security.  We are going to have to consider that mirrors can be
>> hijacked.  ISOs will have to be shipped with md5 hashes.
>
> MD5 is a very bad choice for authentication; it should be considered broken.
> SHA-1 is starting to "fail" as well (but currently fine); AFAIK SHA-256
> should be a safe choice mid-term.
> If you only want to guard against technical failures (corrupted download),
> MD5 is still fine of course.
>
> CU Sascha
>
Sascha,
I guess it has been a few years since I have studied any security-related stuff.

Would you mind:
1.  Working with the SoaS team to set up a soas release process which
ensures that all soas files which are going to be mirrored have a
'good hash'.

2.  Working with alsroot to ensure that activities.sugarlabs.org is
creating 'good hashes' which the installer checks before installing a
bundle.

I'll leave it up to you to determine what a good hash is.

david
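
The check discussed in this thread, as an added example that is not part of the original messages or of any Sugar Labs code: a verifier that only accepts SHA-256 or SHA-512 digests and refuses MD5 or SHA-1 entries. It assumes a sha256sum-style manifest fetched from the trusted release server rather than from the mirror; the file name and contents are constructed.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm. MD5 (32) and SHA-1 (40) are deliberately
# absent, so a manifest that uses them is rejected instead of trusted.
ALLOWED = {64: "sha256", 128: "sha512"}

def parse_manifest(text):
    """Parse '<hex>  <name>' lines into {name: (algo, hex)}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.lstrip(" *")          # text-mode or binary-mode marker
        algo = ALLOWED.get(len(digest))
        if algo is None:
            raise ValueError(f"weak or unknown digest for {name!r}")
        bytes.fromhex(digest)             # ValueError if not valid hex
        entries[name] = (algo, digest.lower())
    return entries

def file_digest(path, algo):
    """Hash the file in 1 MiB chunks so large ISOs are not read into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(path, manifest):
    """True only if the file is listed and its digest matches the manifest."""
    entry = manifest.get(os.path.basename(path))
    if entry is None:
        return False                      # unlisted files are never trusted
    algo, expected = entry
    return hmac.compare_digest(file_digest(path, algo), expected)

def demo():
    """Constructed sample: verify a file, then modify it and verify again."""
    data = b"constructed image bytes"
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "soas-sample.iso")
        with open(iso, "wb") as f:
            f.write(data)
        manifest = parse_manifest(hashlib.sha256(data).hexdigest() + "  soas-sample.iso\n")
        before = verify(iso, manifest)
        with open(iso, "ab") as f:
            f.write(b"tampered")
        return before, verify(iso, manifest)
```

The manifest only protects against a hijacked mirror if it is obtained over a channel the mirror does not control, for example served from the release server itself or accompanied by a signature.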

