[14192] in bugtraq
Re: Distributing Patches in Email
daemon@ATHENA.MIT.EDU (Dirk Nimmich)
Tue Mar 7 09:19:29 2000
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000303182256.A915@roxel.ms.sub.org>
Date: Fri, 3 Mar 2000 18:22:56 +0100
Reply-To: Dirk Nimmich <nimmich@UNI-MUENSTER.DE>
From: Dirk Nimmich <nimmich@UNI-MUENSTER.DE>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <000801bf83e7$d96dd0c0$1400000a@clipper.homeport.org>; from Scott
Blake on Wed, Mar 01, 2000 at 08:37:19PM -0500
Scott Blake wrote:
> An exception the rule Marc mentions should be non-executable,
> strongly signed updates. Concerned users can easily verify the
> signature manually (the software does so automatically) to be
> certain of the file's provenance and integrity.
[...]
> Btw, if anyone sees a flaw in our approach, I'd love to hear it.
You didn't say anything about the verification of signed files and
how those patches are applied, so the "generic" answer to this is:
Replay attack with signed files known to have security bugs. Can be
avoided if dates (of the signature, not of the message) and file
versions are checked, too.
