On 07/01/2016 02:35 PM, Stefan Berger wrote:
On 05/23/2016 02:27 PM, Stefan Berger wrote:
On 05/23/2016 05:50 AM, Guillem Jover wrote:
Hi!
On Thu, 2016-05-19 at 11:33:27 -0400, Stefan Berger wrote:
The following patch adds support for the tar pax extended header to
the tar
parser so that tar files with pax extended headers containing Linux
extended
attributes can be processed by dpkg. Essentially the pax extended
header
contains key value pairs that describe file attributes. More
information
about the format can be found here:
http://pubs.opengroup.org/onlinepubs/009695299/utilities/pax.html#tag_04_100_13_03
We are particularly interested in the security.ima extended attribute,
which, if available, contains a signature for the following file in
the tar
and which we then write as a Linux extended attribute into the
filesystem.
First of all, thanks for the patch! I've been looking into this the
past several days, and unfortunately I see some problems with the
proposed implementation and probably with this approach in general.
You're welcome.
mtree(5) support, which I hope to get ready soon, but I'm still
uncertain
if that would be ideal as that manifest.
I guess this all depends a bit on how this all is intended to be used.
In the future, ideally distros would provide repositories with
packages where the contents are signed. Whether the installed system
is actually using them would be up to the user, though having them in
the packages enables one to setup a rather locked-down secure system.
How can we move this forward?
Any comments?
We also recently presented our work on file signatures at Linux Plumbers
2016:
https://www.linuxplumbersconf.org/2016/ocw//system/presentations/3933/original/FileSignaturesNeeded.pdf
I have been using the patches for PAX header support in dpkg & apt-get
for a while now and installing and updating a system that uses file
signatures embedded in the PAX header works quite well.
Stefan
Regards,
Stefan
