[Rpm-maint] [rpm-software-management/rpm] Support enforcing signature check in rpm -V too (#811)
notifications at github.com
Tue Aug 13 10:31:47 UTC 2019
While rpm -V and -q from rpmdb do verify existing signatures on rpmdb walk, this is largely useless as an attacker with sufficient permissions can modify the signature tags in rpmdb headers to make a package appear unsigned, after which it can be freely modified further without rpm seeing anything wrong. Additionally, a digest/signature check failure causes the entire header to be skipped as unreadable and so it cannot be inspected or even removed (without using --nodigest/--nosignature).
If there's one situation where checking signatures and all for packages coming from rpmdb makes sense, it's rpm -V, and in this case it needs to output the checks and results explicitly and make missing signatures and/or digests a verification error if so configured (and perhaps by default, require digests, similar to pkg file verification).
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Rpm-maint