summaryrefslogtreecommitdiffstats
path: root/usr.sbin/ctm
diff options
context:
space:
mode:
authorchuckr <chuckr@FreeBSD.org>2000-01-29 21:44:42 +0000
committerchuckr <chuckr@FreeBSD.org>2000-01-29 21:44:42 +0000
commitdcf1104bb0f44ab341d8f556fca2302fdd7ba88b (patch)
tree24d991755a03c328d4bc29596fb426a1530f1904 /usr.sbin/ctm
parented1d6704fbc9546bc3f0f297bdce179e2a70bacb (diff)
downloadFreeBSD-src-dcf1104bb0f44ab341d8f556fca2302fdd7ba88b.zip
FreeBSD-src-dcf1104bb0f44ab341d8f556fca2302fdd7ba88b.tar.gz
Correcting SECURITY warning.
Submitted by: Kris Kennaway Reviewed by: Warner Losh
Diffstat (limited to 'usr.sbin/ctm')
-rw-r--r--usr.sbin/ctm/ctm/ctm.127
-rw-r--r--usr.sbin/ctm/ctm_rmail/ctm_rmail.127
2 files changed, 32 insertions, 22 deletions
diff --git a/usr.sbin/ctm/ctm/ctm.1 b/usr.sbin/ctm/ctm/ctm.1
index d51bbc2..9e82107 100644
--- a/usr.sbin/ctm/ctm/ctm.1
+++ b/usr.sbin/ctm/ctm/ctm.1
@@ -225,15 +225,12 @@ option.
.Pp
.Sh SECURITY
.Pp
-CTM is an
-.Bf Em
-INSECURE PROTOCOL
-.Ef
+On its own, CTM is an insecure protocol
- there is no authentication performed that the
changes applied to the source code were sent by a
trusted party, and so care should be taken if the
CTM deltas are obtained via an unauthenticated
-medium such as email.
+medium such as regular email.
It is a relatively simple matter for an attacker
to forge a CTM delta to replace or precede the
legitimate one and insert malicious code into your
@@ -243,12 +240,20 @@ arriving, this will go unnoticed until a later
delta attempts to touch the same file, at which
point the MD5 checksum will fail.
.Pp
-A future version of
-.Fx
-may solve this problem by authenticating CTM
-deltas using cryptographic signatures, but in the
-mean time it is strongly recommended that you
-obtain the CTM deltas via FTP, and not via email.
+To remedy this insecurity, CTM pieces generated by
+freebsd.org are cryptographically signed in a
+format compatible with the GNU Privacy Guard
+utility, available in /usr/ports/security/gpg, and
+the Pretty Good Privacy v5 utility,
+/usr/ports/security/pgp5.
+The relevant public key can be obtained by
+fingering ctm@freebsd.org.
+.Pp
+CTM deltas which are thus signed cannot be
+undetectably altered by an attacker.
+Therefore it is recommended that you make use of
+GPG or PGP5 to verify the signatures if you
+receive your CTM deltas via email.
.Sh ENVIRONMENT
.Ev TMPDIR,
if set to a pathname, will cause ctm to use that pathname
diff --git a/usr.sbin/ctm/ctm_rmail/ctm_rmail.1 b/usr.sbin/ctm/ctm_rmail/ctm_rmail.1
index 49d60a6..df50f30 100644
--- a/usr.sbin/ctm/ctm_rmail/ctm_rmail.1
+++ b/usr.sbin/ctm/ctm_rmail/ctm_rmail.1
@@ -365,15 +365,12 @@ to execute
on the (non-FreeBSD) machine that this example was taken from.
.Sh SECURITY
.Pp
-CTM is an
-.Bf Em
-INSECURE PROTOCOL
-.Ef
+On its own, CTM is an insecure protocol
- there is no authentication performed that the
changes applied to the source code were sent by a
trusted party, and so care should be taken if the
CTM deltas are obtained via an unauthenticated
-medium such as email.
+medium such as regular email.
It is a relatively simple matter for an attacker
to forge a CTM delta to replace or precede the
legitimate one and insert malicious code into your
@@ -383,12 +380,20 @@ arriving, this will go unnoticed until a later
delta attempts to touch the same file, at which
point the MD5 checksum will fail.
.Pp
-A future version of
-.Fx
-may solve this problem by authenticating CTM
-deltas using cryptographic signatures, but in the
-mean time it is strongly recommended that you
-obtain the CTM deltas via FTP, and not via email.
+To remedy this insecurity, CTM delta pieces generated by
+freebsd.org are cryptographically signed in a
+format compatible with the GNU Privacy Guard
+utility, available in /usr/ports/security/gpg, and
+the Pretty Good Privacy v5 utility,
+/usr/ports/security/pgp5.
+The relevant public key can be obtained by
+fingering ctm@freebsd.org.
+.Pp
+CTM deltas which are thus signed cannot be
+undetectably altered by an attacker.
+Therefore it is recommended that you make use of
+GPG or PGP5 to verify the signatures if you
+receive your CTM deltas via email.
.\" This next request is for sections 1, 6, 7 & 8 only
.Sh ENVIRONMENT
If deltas are to be applied then
OpenPOWER on IntegriCloud