Even if it doesn't, Linus's and Greg's tags are signed and validate against a key fetched long before the compromise: and I very much doubt their private keys are on kernel.org.
Apparently the signatures are generated on a server @ kernel.org, and it's as yet unclear whether the crackers had access to all the necessary components for signing, or not.
Duncan
kernel.org compromised
Posted Sep 2, 2011 14:25 UTC (Fri) by nix (subscriber, #2304)
I'm not talking about the PGP signatures for the tarballs. I'm talking about the signed *tags* in the git tree: the object you see via e.g. 'git show v3.0.4'. That is part of the git repo and cannot be forged without access to Greg's private key. Now a hostile attacker could add a fake one, but the key would be different, and Greg would be certain to notice.
kernel.org compromised
Posted Sep 2, 2011 5:07 UTC (Fri) by eupator (guest, #44581)
A very good point about GKH - users of his stable trees are indeed protected, assuming they check the signatures. Less so, sadly, about Linus - the tip of his tree isn't signed, and even if it was, I don't have a path of trust to his key.
kernel.org compromised
Posted Sep 2, 2011 14:28 UTC (Fri) by nix (subscriber, #2304)
The tip isn't signed, but the rcs are, so you know that v3.1-rc4, released Aug 28 2011, is legitimate, and so is all the history leading up to it.
Conclusion: the git tree is not compromised up to that point.