[Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)

chantra notifications at github.com
Wed Feb 9 22:48:01 UTC 2022


@DemiMarie 

> If (as this document implies) the entire non-transcoded file is buffered on disk, things are far simpler.

No, it is not buffered on disk. Let me know what makes you think so, so I can clarify it.

Other than that, I am with you on improving the signature validation, but at this stage, it would require support from the packager side. TBH, being able to validate chunks on the fly may also be beneficial to non-CoW RPM (if it were to not buffer files on disk before unarchiving).
The current transcoded metadata allows for an in-between solution that allows verification, but with the decompression library still being exposed to vulnerability. The attack surface can be lowered by dropping privileges/chrooting... the transcoder.

In any case, even if chunk validation is done, a summary of the validation will still need to be stored in the transcoded file metadata so the transcoded file can be "verified", or at least, it can be verified that it had been verified, after the fact.

Before getting into this though, I'd like to see how RPM CoW can become a thing in RPM, iterate on that, and the time will come to improve signature validation.
