
Debian security

Posted Jul 17, 2008 17:20 UTC (Thu) by justincappos (guest, #52950)
In reply to: Study: Attacks on package managers by DeletedUser32991
Parent article: Study: Attacks on package managers

(Disclosure: I'm an author of the study)

I agree with you that using a security repository significantly reduces the vulnerability to
attack. This doesn't protect against the "endless data" attack we describe that can be used
by a mirror to crash clients, but this is not as big a threat as compromising the client.
(Does Debian need to contact so many mirrors by default?)

There are several other minor issues that remain and may impact Debian users that we didn't
see discussed here.   First, there is no authentication that you are talking with the security
repo, so a MITM attacker can still launch attacks by masquerading as the repo.   HTTPS with
correct certificate checking would prevent this, hence the HTTPS ("Bad research at its best")
suggestion.  :)

Second, if the security repo fails or is not contactable from a client (non-transitive
connectivity, etc.), then the mirrors can attack clients by replaying content from the security
repo.

Third, clients who use netselect-apt, etc. should be aware that they are likely to remove the
security repo from their list of mirrors and thus become vulnerable.


In general we found that Debian's practice of using a security repository is effective in
protecting their users from replay / freeze attacks in the majority of cases for users with
default configurations.

There is another issue with Debian that we didn't bring up on the web pages because we felt
there was already too much loosely connected content. We briefly looked at the developer
update process and, if I understand correctly from reading the documentation, any developer can
update any package (they are encouraged not to except in extreme situations, but have the
ability to). Furthermore, if I understand correctly, there are thousands of keys in the
developer database, so really this means that a compromise of any key allows an attacker to
upload any package. Also, there are keys as short as 768 bits and as old as 1993. I'm not a
crypto expert, so I don't really know how to quantify the risk, but both of those numbers trigger a
mental alarm. Anyways, I was hoping that you could also clarify / correct / confirm any of
this information as well.

Thanks,
Justin Cappos
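The comment above raises two configuration-side issues (a source list that has lost the security repository, and repositories reached over plain http so that nothing authenticates the repo endpoint) and one mirror-side attack (a mirror that streams endless data). The following is an added example, not code from the study, from Debian or from the commenter: it parses one-line apt source entries, reports those two configuration issues, and shows a bounded reader that abandons a download once a size limit is exceeded. The sample sources.list text, the mirror host names, the suite names and the 1 MiB limit are constructed for illustration; `security.debian.org` is assumed to be the security repository host.

```python
"""Added example: audit apt one-line sources and bound a download.

Not code from the study or from Debian. The sample sources.list lines,
mirror names and the size limit below are constructed for illustration.
"""
import re
from urllib.parse import urlparse

# Assumption: the security repository is served from this host.
SECURITY_HOST = "security.debian.org"

# Constructed sample: a list such as a mirror-selection tool might write,
# which keeps fast mirrors but drops the security repo and uses plain http.
SAMPLE_SOURCES = """\
# generated by a mirror-selection tool (constructed sample)
deb http://ftp.example-mirror.net/debian stable main contrib
deb-src http://ftp.example-mirror.net/debian stable main
deb [arch=amd64] http://mirror2.example.org/debian stable-updates main
"""

# deb|deb-src, optional [options], uri, suite, then components.
_LINE_RE = re.compile(r"^(deb|deb-src)\s+(?:\[[^\]]*\]\s+)?(\S+)\s+(\S+)\s*(.*)$")


def parse_sources(text):
    """Return (type, uri, suite, components) for each active source line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE_RE.match(line)
        if not m:
            continue
        kind, uri, suite, comps = m.groups()
        entries.append((kind, uri, suite, comps.split()))
    return entries


def audit_sources(text):
    """Flag a source list with no security repository, and any repository
    fetched over a scheme that does not authenticate the server."""
    findings = []
    entries = parse_sources(text)
    hosts = {urlparse(uri).hostname for _, uri, _, _ in entries}
    if SECURITY_HOST not in hosts:
        findings.append("security repository %s is not configured" % SECURITY_HOST)
    for kind, uri, suite, _ in entries:
        scheme = urlparse(uri).scheme
        if scheme not in ("https", "file", "cdrom"):
            findings.append("%s %s (%s) fetched over %s: a MITM can masquerade as the repo"
                            % (kind, uri, suite, scheme))
    return findings


class TooMuchData(Exception):
    """Raised when a response grows past the caller's limit."""


def bounded_read(chunks, limit):
    """Consume an iterable of byte chunks, never accepting more than `limit`
    bytes in total. A mirror that streams endless data is cut off instead of
    exhausting memory or disk."""
    buf = bytearray()
    for chunk in chunks:
        if len(buf) + len(chunk) > limit:
            raise TooMuchData("response exceeded %d bytes" % limit)
        buf.extend(chunk)
    return bytes(buf)


def endless_stream(chunk=b"\0" * 4096):
    """Constructed stand-in for a malicious mirror that never stops sending."""
    while True:
        yield chunk


def fetch_is_bounded(limit=1 << 20):
    """Return True if the endless stream is rejected rather than read forever."""
    try:
        bounded_read(endless_stream(), limit)
    except TooMuchData:
        return True
    return False


if __name__ == "__main__":
    for finding in audit_sources(SAMPLE_SOURCES):
        print("FINDING:", finding)
    print("endless data bounded:", fetch_is_bounded())
```

Run against the constructed sample, the audit reports the missing security repository plus one finding per http source; the bounded reader stops the constructed endless stream after the limit instead of consuming it indefinitely. A real client would apply the same limit per file, using the sizes it already knows from the signed index where it has one.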



