hackage, cabal-get, and security
Isaac Jones
ijones at syntaxpolice.org
Tue May 17 01:51:55 EDT 2005

Bulat Ziganshin <bulatz at HotPOP.com> writes:

> Hello Isaac,
>
> Wednesday, May 11, 2005, 7:37:07 PM, you wrote:
>
>>> Security is becoming ever more important, and the Haskell community
>>> is growing, thereby increasing the currently remote possibility of
>>> deliberate malware. Since installation via hackage will be both
>>> automatic, and often performed with root access, it is essential
>>> to have a good security model from the beginning.
>
> I suggest a compromise variant: signing packages with gnupg, and
> including all the necessary functionality in hackage itself.
> hackage must be able to generate a key and to automatically sign
> uploaded packages - so this will not require additional skills from
> the package writer, just as none are currently required from the
> package's users
>
> not every package writer wants, or is able, to master another complex
> program - in this case, gnupg. and if Haskell's popularity grows, the
> percentage of such people among all package writers will grow. look at me
> as an example :)

I hope that cabal-put will cover details of how to use gnupg. It's
not terribly hard to do the few things that cabal-put needs, but I
hope it can automate them. Hackage will also sign the packages, but
that's another part of the chain, and not sufficient. Packagers also
have to sign their own packages.

> so, I think that attention must be moved to easing the generation of
> keys and the autosigning of uploaded packages. if this is impossible,
> then we must use, I think, at least a simple password scheme for
> uploading unsigned packages. in any case, the hackage server must ensure
> that packages are not overwritten by non-authors

I agree.

peace,
isaac
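
The two-link chain discussed in this thread (the packager's own signature plus a Hackage signature, with the server refusing overwrites by non-authors), as an added example that is not part of the original message or of any Hackage or Cabal code. Assumptions: Lamport one-time hash signatures stand in for GnuPG so the sketch runs on the Python standard library alone, and `server_accepts_upload`, `client_accepts`, the package name and the tarball bytes are hypothetical.

```python
import hashlib, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: a stand-in for a GnuPG key (assumption).
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (b, s) in enumerate(zip(_bits(msg), sig)))

def server_accepts_upload(owners, name, tarball, sig, claimed_pk):
    # Hypothetical server rule: the first valid upload pins the author's key;
    # later uploads under that name must verify against the pinned key.
    pinned = owners.get(name, claimed_pk)
    if not verify(pinned, tarball, sig):
        return False
    owners[name] = pinned
    return True

def client_accepts(tarball, author_sig, server_sig, author_pk, server_pk):
    # Hypothetical client rule: both links of the chain must verify.
    return (verify(author_pk, tarball, author_sig)
            and verify(server_pk, tarball, server_sig))

def demo():
    # Constructed sample data: keys, package name and contents are made up.
    author_sk, author_pk = keygen()
    other_sk, other_pk = keygen()      # a different uploader
    server_sk, server_pk = keygen()    # the repository's own signing key
    owners, good, tampered = {}, b"foo-1.0 contents", b"foo-1.0 modified"
    a_sig = sign(author_sk, good)
    return {
        "first_upload": server_accepts_upload(owners, "foo", good, a_sig, author_pk),
        "overwrite_by_non_author": server_accepts_upload(
            owners, "foo", tampered, sign(other_sk, tampered), other_pk),
        "client_both_links": client_accepts(
            good, a_sig, sign(server_sk, good), author_pk, server_pk),
        # Server key signs a modified tarball: the repository link verifies,
        # the author link does not, so the client must reject.
        "client_server_link_only": client_accepts(
            tampered, a_sig, sign(server_sk, tampered), author_pk, server_pk),
    }
```

Calling `demo()` returns the four decisions; the last case is the one where a repository signature alone would have accepted the modified tarball.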

More information about the Libraries mailing list