[Rpm-maint] [PATCH 4/4] Sign package files during installation

Dmitry Kasatkin d.kasatkin at samsung.com
Thu Oct 23 07:24:13 UTC 2014


On 22/10/14 21:42, Fionnuala Gunter wrote:
>>> @@ -964,12 +993,22 @@ int rpmPackageFilesInstall(rpmts ts, rpmte te, rpmfiles files,
>>>  	if (rc)
>>>  	    *failedFile = xstrdup(fpath);
>>>  
>>> -	/* get file signatures from header */
>>> -	if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
>>> +	/* sign executable files */
>>> +	if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH) && signFiles) {
>>> +	    digest = rpmtdNextString(&digests);
>>> +	    sig = signFile(algo, digest, diglen, key);
>> Why do you sign only executables?
>>
>>> +	    if (!sig) {
>>> +		rpmlog(RPMLOG_ERR, _("signFile failed\n"));
>>> +		goto exit;
>>> +	    }
>>> +	}
>>> +	/* or get file signatures from header */
>>> +	else if (sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
>>>  	    sig = rpmtdNextString(&sigs);
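Review bot: in the added signing branch, the result of rpmtdNextString(&digests) is passed to signFile() without a NULL check, so an empty or exhausted digests iterator reaches the signing routine as a null pointer. Check digest before the call and log that case separately. The "signFile failed" message would be more useful with fpath in it, and the goto exit on that path does not assign rc in the visible lines, so confirm the function reports a failure there rather than the value rc already held. The test sb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH) is now repeated in the if and the else-if; testing it once and branching on signFiles inside would leave a single place to change if signing is extended beyond executables.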
>> Also here...  It only sets signature for executables??
> Right, I only set signatures for executables, should I set signatures
> for all files?
>> - Dmitry

I understand that it was a safe bet that binaries can always have a signature.
What about libraries, or maybe some important configuration file which
would have a signature...
Files which can be modified should not have a signature.

Signatures should be set for all files in the package which has a signature.
Package maintainer should be able to select what files to sign or not
to sign...

I think it has to be addressed before it can be really used.

- Dmitry


> Thanks,
> Fin
>
>


