Simon McVittie writes:
> On Tue, 22 Oct 2019 at 05:22:57 +0200, Bastian Blank wrote:
>> - Files need to be compressed and are recorded as such, which is a hard
>> problem and gives rise to tools like pristine-tar and such.
>
> My understanding is that this is deliberate: it means the only layer
> with the hard requirement to be able to cope with malicious/crafted files
> without introducing security vulnerabilities (whether that means arbitrary
> code execution via parser bugs, or denial of service via "zip bombs")
> is the PGP signature verification on the (uncompressed) .dsc. Everything
> else is authenticated before being decompressed, either directly via
> the PGP signature or via the authenticated hashes in the .dsc.
I think there are two separate uses:

- if you want to validate that the upload is as intended by the maintainer,
  then a signature of the uncompressed source is sufficient. (A signature
  over the compressed source works too if you do not want to switch to a new
  compression format later.)

- for all other purposes (regular downloads, ...), one would like a
  signature over the data that is used, i.e. usually for downloads of the
  compressed variant.

kernel.org uses a similar scheme: there are signatures for the uncompressed
tarballs by the maintainer (linux-*.tar.sign). In addition there is a
sha256sums.asc which has strong hashes of the compressed files
(linux-*.tar.{gz,xz}) and is signed by their archive management system.

As far as I understand git-archive is fairly good at reproducing identical
uncompressed tarballs at a later time from the git repository.

Ansgar
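The "authenticate before decompressing" ordering both messages describe, as an added example that is not part of the thread or of any Debian or kernel.org tool: the compressed download is checked against a sha256sums-style manifest first, and only then decompressed, with a size bound so a crafted archive cannot exhaust memory. The tarball, its manifest and the file name `example-1.0.tar.xz` are constructed here; the PGP check on the manifest itself (e.g. `gpg --verify sha256sums.asc`) is assumed to have already passed and is not shown.

```python
import hashlib
import io
import lzma
import tarfile


def make_sample_tarball() -> tuple[bytes, bytes]:
    """Constructed sample: a tiny tar (as git-archive would emit) and its .xz form."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        data = b"all: ; echo hello\n"
        info = tarfile.TarInfo("example-1.0/Makefile")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
    raw = buf.getvalue()
    return raw, lzma.compress(raw)


def parse_manifest(text: str) -> dict[str, str]:
    """Parse sha256sum-style lines ('<hex>  <filename>') into {filename: hex}."""
    digests = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            digest, _, name = line.partition("  ")
            digests[name.strip()] = digest.lower()
    return digests


def verify_compressed(manifest: str, name: str, blob: bytes) -> bool:
    """Hash the still-compressed blob and compare with the signed manifest entry."""
    expected = parse_manifest(manifest).get(name)
    return expected is not None and hashlib.sha256(blob).hexdigest() == expected


def decompress_bounded(blob: bytes, limit: int) -> bytes:
    """Decompress incrementally; refuse output larger than `limit` bytes."""
    dec = lzma.LZMADecompressor()
    out, data = bytearray(), blob
    while not dec.eof:
        chunk = dec.decompress(data, max_length=65536)
        data = b""  # remaining input is buffered inside the decompressor
        out += chunk
        if len(out) > limit:
            raise ValueError(f"decompressed size exceeds {limit} bytes")
        if not chunk and dec.needs_input:
            raise ValueError("truncated compressed input")
    return bytes(out)


RAW_TAR, COMPRESSED = make_sample_tarball()
MANIFEST = f"{hashlib.sha256(COMPRESSED).hexdigest()}  example-1.0.tar.xz\n"
BOMB = lzma.compress(bytes(1 << 20))  # 1 MiB of zeros compresses to a few hundred bytes
```

Only after `verify_compressed` succeeds would a downloader call `decompress_bounded` and then check the uncompressed tarball against the maintainer's detached signature.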