[Rpm-maint] [PATCH 4/4] Sign package files during installation

Fionnuala Gunter fin at linux.vnet.ibm.com
Thu Oct 23 16:34:29 UTC 2014



On 10/23/2014 02:24 AM, Dmitry Kasatkin wrote:
> On 22/10/14 21:42, Fionnuala Gunter wrote:
>>>> @@ -964,12 +993,22 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles files,
>>>>  	if (rc)
>>>>  	    *failedFile = xstrdup(fpath);
>>>>  
>>>> -	/* get file signatures from header */
>>>> -	if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
>>>> +	/* sign executable files */
>>>> +	if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH) && signFiles) {
>>>> +	    digest = rpmtdNextString(&digests);
>>>> +	    sig = signFile(algo, digest, diglen, key);
>>> Why do you sign only executables?
>>>
>>>> +	    if (!sig) {
>>>> +		rpmlog(RPMLOG_ERR, _("signFile failed\n"));
>>>> +		goto exit;
>>>> +	    }
>>>> +	}
>>>> +	/* or get file signatures from header */
>>>> +	else if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
>>>>  	    sig = rpmtdNextString(&sigs);
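Review bot: the signFile failure branch logs and does "goto exit" without setting rc or *failedFile in the lines shown, so unless rc is already non-zero at that point the caller can see a successful install for a file that never got its signature. Set rc to a failure value before the jump and record fpath in *failedFile as the "if (rc)" check just above does, and put fpath in the rpmlog message so the failing file can be identified. Also, rpmtdNextString(&digests) advances only inside the executable branch; if the digest array holds one entry per package file, the iterator will drift away from the file being installed, so it should advance for every file.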
>>> Also here...  It only sets signature for executables??
>> Right, I only set signatures for executables, should I set signatures
>> for all files?
>>> - Dmitry
> 
> I understand that it was a safe bet that binaries can always have a signature.
> What about libraries or maybe some important configuration file which
> would have a signature..
> Files which can be modified should not have a signature.
> 
> Signatures should be set for all files in the package which has a signature.
> Package maintainer should be able to select what files to sign or not
> to sign...
> 
> I think it has to be addressed before it can be really used.
This is a good point, so the files needing signatures should be
enumerated by the package maintainer. Perhaps this can be done in the
rpm spec.

-Fin
> 
> - Dmitry
> 
> 
>> Thanks,
>> Fin
>>
>>
> 


