FS#51236 - [pacman] /etc/makepkg: use sha512 as the default for INTEGRITY_CHECK
Attached to Project:
Arch Linux
Opened by mpan (mpan) - Tuesday, 04 October 2016, 20:40 GMT
Last edited by Allan McRae (Allan) - Tuesday, 04 October 2016, 21:14 GMT
Opened by mpan (mpan) - Tuesday, 04 October 2016, 20:40 GMT
Last edited by Allan McRae (Allan) - Tuesday, 04 October 2016, 21:14 GMT
|
Details
In the default “/etc/makepkg.conf”:
INTEGRITY_CHECK=(sha512) Justification for the change: In a talk on the forum¹ it has came out that some people use makepkg checksums as a security feature for authenticating sources. While one may argue if it should be used like that, the fact is that it is employed for that purpose and MD5 isn’t suitable for any security-related task for nearly a decade. Justification for the choice of SHA512 over other candidates: Among the SHA2 functions: - SHA512 provides the lowest collision probability; - Other candidates (SHA224, SHA256 and SHA384) have no advantages over SHA512. Negative effects of the change on users: - For users that don’t explicitly wish for a particular hashing algorithm: obviously none. - For users that want a particular algorithm: none, as `makepkg -g` will use what they have in PKGBUILD. Drawbacks: - May be considered as a solution that gives a false sense of security, but actually the use of INTEGRITY_CHECK itself for that purpose is the core problem which should be addressed. The change is a makeshift to somewhow seal the hole until it’s properly fixed. ____ ¹ <https://bbs.archlinux.org/viewtopic.php?id=217588>; NOTE: this feature request is *NOT* related to OP’s request — a need for it just arisen from the process of discussing OP’s idea. |
This task depends upon
Closed by Allan McRae (Allan)
Tuesday, 04 October 2016, 21:14 GMT
Reason for closing: Won't implement
Tuesday, 04 October 2016, 21:14 GMT
Reason for closing: Won't implement