On 11/8/21 12:36 PM, Simo Sorce wrote:
On Sat, 2021-11-06 at 07:43 +0000, Daniel Alley wrote:
>> On Wed, Aug 11, 2021 at 10:03:50PM +0200, Marek Marczykowski-Górecki wrote:
>> I do think we should drop drpms or make them more useful, but I
>> don't think there's any security angle here. (see below)
>>
>> drpms work by downloading the delta, then using it + the version
>> you have installed to recreate the signed rpm (just like you downloaded
>> the full signed update) and then the gpg signature of that full rpm is
>> checked, just like one you downloaded. If the drpm is tampered with it
>> won't reassemble and it will fall back to the full signed rpm.
>
> Sorry to resurrect this thread.
>
> Another issue - which is not per se a security issue but it's still a
> problem - is that deltarpm uses md5 checksums pervasively. They're
> everywhere. And it uses its own implementation of md5 which doesn't
> respect FIPS, so even when the user has *explicitly* configured their
> system to not use md5 for anything security-relevant, libdeltarpm
> won't know or care.
md5 used as a checksum to only detect network transmission issues is
not a problem, and is not under the purview of the FIPS certification.
As mentioned above the actual packages are still finally reassembled
and the signature checked, so that is what matters in terms of security
(those algorithms and computations need to be FIPS approved and the
implementation certified).
This is enough for FIPS, yes, but it is still very risky, as a bug in the
package reassembly process is a remote root exploit. At a minimum, I
recommend disabling deltarpm by default if repo_gpgcheck is not 1.
Sincerely,
Demi Marie Obenour
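As an added example (not code from this thread or from dnf/deltarpm), the audit check the recommendation above implies: flag every enabled repo that would pull delta RPMs while its metadata is not signature-checked. It assumes dnf.conf-style INI files in which `deltarpm` lives in `[main]` (default on), and `repo_gpgcheck` can be set in `[main]` as a default and overridden per repo (default off); the config snippets are constructed.

```python
import configparser

# Constructed sample configs (not taken from the thread).
DNF_CONF = "[main]\ngpgcheck=1\ndeltarpm=1\n"

REPO_FILES = {
    "fedora.repo": "[fedora]\nname=Fedora\nbaseurl=https://example.invalid/f\n"
                   "gpgcheck=1\nrepo_gpgcheck=1\n",
    "extras.repo": "[extras]\nname=Extras\nbaseurl=https://example.invalid/e\n"
                   "gpgcheck=1\nrepo_gpgcheck=0\n",
    # No repo_gpgcheck here: the repo inherits whatever [main] says (or off).
    "inherit.repo": "[inherit]\nname=Inherit\nbaseurl=https://example.invalid/i\n"
                    "gpgcheck=1\n",
}

TRUE_VALUES = {"1", "yes", "true", "on"}


def _is_true(value):
    return value.strip().lower() in TRUE_VALUES


def _parse(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp


def risky_deltarpm_repos(dnf_conf, repo_files):
    """Return ids of enabled repos that would use drpms without signed metadata."""
    main = _parse(dnf_conf)
    main_opts = main["main"] if main.has_section("main") else {}
    if not _is_true(main_opts.get("deltarpm", "1")):
        return []  # deltarpm globally off: reassembly never runs on untrusted input
    default_repo_gpgcheck = main_opts.get("repo_gpgcheck", "0")
    risky = []
    for text in repo_files.values():
        cp = _parse(text)
        for repo_id in cp.sections():
            sec = cp[repo_id]
            if not _is_true(sec.get("enabled", "1")):
                continue
            if not _is_true(sec.get("repo_gpgcheck", default_repo_gpgcheck)):
                risky.append(repo_id)  # drpm checksums in metadata are unverified
    return risky


if __name__ == "__main__":
    print("repos using deltarpm without repo_gpgcheck=1:",
          risky_deltarpm_repos(DNF_CONF, REPO_FILES))
```

Setting `deltarpm=0` in `[main]` empties the list; setting `repo_gpgcheck=1` in `[main]` clears repos that merely inherited the default but not those that set it to 0 explicitly.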