Bug 42654 - up2date server side code is not available
Summary: up2date server side code is not available
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: up2date   
(Show other bugs)
Version: 7.1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Adrian Likins
QA Contact: Jay Turner
Keywords: FutureFeature
Depends On:
TreeView+ depends on / blocked
Reported: 2001-05-29 04:17 UTC by Seth Vidal
Modified: 2015-01-07 23:45 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-07-05 20:10:06 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Seth Vidal 2001-05-29 04:17:50 UTC
The up2date server side code is not publically available. Therefore, users
of this service cannot completely trust the files being delivered to them.

As Red Hat's PR has been quick to point out, closed source products
should not be trusted in security-sensitive environments. Without access to
the up2date server side code a user cannot completely trust this updating
service. Signature checking on the client side helps, but it doesn't ensure
that red hat is not delivering subtely different packages than the ones
found on their normal ftp site to the up2date users. Afterall, they're the
same sigs. Users of up2date have to take it on faith that the packages
being sent to them are the same ones that the srpms on the ftp site
compile to.

Having the server side code does not guarantee that the server running at
red hat is sending the same packages but it allows the user the option of
running their own local up2date server w/packages they compile from either
the srpms that red hat provides (after the user checks these packages) or
packages of their own making. This would allow those people in
security-sensitive environments to make trusted use of red hat's up2date

Comment 1 Adrian Likins 2001-07-05 22:43:41 UTC
Users can verify packages via gpg sigs ( if you know how to fake gpg
sigs, please file another bug report against gpg). 

They can also validate the packages via md5sums, file size, binary diffs,
by examining the contents of the packages, and the source rpms. 

The server code is currently not distributed in any form.

Reclassifying as a enhancement request.

Note You need to log in before you can comment on or make changes to this bug.