[Rpm-maint] [rpm-software-management/rpm] RPM roadmap and v6 questions (Discussion #2016)
Demi Marie Obenour
notifications at github.com
Thu Apr 14 14:30:22 UTC 2022
Some areas I would like to see changed (compared to the current format):
- IMA and fsverity signatures should be part of the package. Adding them to a package should create a different package. This allows these signatures to be moved from the signature header to the main header, avoiding a whole class of security problems.
- Both signature and main headers should be required to be a single contiguous region.
- Padding should be checked to be zeroed and minimum-length.
- Header tag data entries should be required to be sorted and have no duplicates. This applies to the contiguous region and to dribbles separately, so it is still possible to override an entry in the region by adding a dribble entry with the same tag.
- Entries that are currently lists of hex or base64 data should be replaced with binary data. An “array of length-prefixed binary blobs” tag might help with this.
- Size signatures should be moved to the main header, so that tools like `rpmcanon` don’t need to zero them out.
- Instead of there only being one payload digest, there should be an array of them, each (except for the last) covering a fixed-size chunk of the payload. This allows for RPM CoW to be implemented without creating new security risks, since each chunk can be buffered in memory before being passed to the decompression code. The array should be of type RPMTAG_BINARY, with length checked to be a multiple of the hash size.
- When reading a package, various invariants should be checked. That’s #2025.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/2016#discussioncomment-2567376
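The chunked payload digest proposed in the message, as an added sketch that is not part of the original message or of rpm's code: each chunk is buffered and checked against its digest before the consumer (standing in for the decompressor) sees it. SHA-256, the 64 KiB chunk size and all function names are assumptions; the message specifies none of them.

```python
import hashlib
import hmac
import io

HASH = hashlib.sha256            # assumption: the message does not name a hash
HASH_SIZE = HASH().digest_size
CHUNK_SIZE = 64 * 1024           # assumption: the message only says "fixed-size"

class PayloadError(Exception):
    """Payload does not match the digest array from the header."""

def build_digest_array(payload, chunk_size=CHUNK_SIZE):
    """One digest per chunk_size-byte chunk; only the last chunk may be shorter."""
    return b"".join(HASH(payload[i:i + chunk_size]).digest()
                    for i in range(0, len(payload), chunk_size))

def read_exact(stream, n):
    """Read up to n bytes, looping over short reads (pipes, sockets)."""
    buf = b""
    while len(buf) < n and (part := stream.read(n - len(buf))):
        buf += part
    return buf

def verify_chunks(stream, digests, sink, chunk_size=CHUNK_SIZE):
    """Pass each chunk to sink only after its digest has been checked."""
    if len(digests) % HASH_SIZE != 0:
        raise PayloadError("digest array length is not a multiple of hash size")
    count = len(digests) // HASH_SIZE
    for i in range(count):
        chunk = read_exact(stream, chunk_size)   # whole chunk held in memory
        if not chunk or (len(chunk) < chunk_size and i != count - 1):
            raise PayloadError(f"chunk {i}: payload truncated")
        expected = digests[i * HASH_SIZE:(i + 1) * HASH_SIZE]
        if not hmac.compare_digest(HASH(chunk).digest(), expected):
            raise PayloadError(f"chunk {i}: digest mismatch")
        sink(chunk)                              # e.g. feed the decompressor
    if stream.read(1):
        raise PayloadError("payload continues past the last digest")
    return count

if __name__ == "__main__":
    payload = bytes(range(256)) * 1000           # constructed sample payload
    digests = build_digest_array(payload)
    print(verify_chunks(io.BytesIO(payload), digests, lambda c: None), "chunks ok")
    tampered = payload[:70000] + b"X" + payload[70001:]
    try:
        verify_chunks(io.BytesIO(tampered), digests, lambda c: None)
    except PayloadError as err:
        print("rejected:", err)                  # second chunk fails
```

A modified chunk is rejected before any of its bytes reach the sink, so the unverified data exposed to the consumer is bounded by one chunk held in memory.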