[Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)

Panu Matilainen notifications at github.com
Tue Jan 5 12:42:12 UTC 2021


I concur with @DemiMarie's security concerns: we only just got the full payload pre-transaction verification in place *finally* in 4.14.2, but this effectively disables not just that but *all* digest and signature verification for the incoming package (in rpm2extent), which is nothing but an untrusted binary from somewhere AIUI. That's not acceptable, really.

Note that you don't need rpmdb to verify signatures, you just need the keys which can be populated from any source you like. It's just the default setup that relies on rpmdb.

Another point that might be of relevance is that despite saying so in the payload tag, the payload isn't always "cpio" these days; packages with large files are handled with a different format which only uses an integer as the file "header" in the payload. Which might be more reusable for your purposes, and if that was used for the package originally then the alt payload could perhaps be calculated more easily. I don't remember all the details so might be missing something here, but I think there should be something in that direction...

https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-754611698