[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #8288 [Tor bundles/installation]: security, relability and repeatability issues in the TBB build process

To: undisclosed-recipients:;
Subject: [tor-bugs] #8288 [Tor bundles/installation]: security, relability and repeatability issues in the TBB build process
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 20 Feb 2013 01:49:46 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 19 Feb 2013 20:49:54 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#8288: security, relability and repeatability issues in the TBB build process
--------------------------------------+-------------------------------------
 Reporter:  ioerror                   |          Owner:  erinn
     Type:  enhancement               |         Status:  new  
 Priority:  normal                    |      Milestone:       
Component:  Tor bundles/installation  |        Version:       
 Keywords:                            |         Parent:       
   Points:                            |   Actualpoints:       
--------------------------------------+-------------------------------------
 Currently when building TBB on any system, we open the builder up to
 compromise. We also open ourselves up to reliability issues as a mirror
 might vanish and leave us out in the cold.

 We rely on fetching software from servers that we do not control and in
 doing so, we use insecure transport mechanisms. Building TBB should not
 allow a local network attacker to get code execution on the builder's
 machine. I propose that we host at least one HTTPS mirror of the required
 source code. I've opened bug #8286 to discuss this topic and to propose
 patches. I believe this will make our build process more reliable as a
 third-party downed mirror will not prevent a build.

 We also do not verify that the dependencies for TBB are verified - if
 someone were to simply tamper with the remote server's archive, the
 builder would be in trouble. I've opened a ticket to add what I think
 should be the current expected hashes to the build process in bug #8283. I
 think it would also make sense to _check_ against the expected hashes, I
 may or may not open a separate bug for that issue - thoughts?

 To the goal of being able to build TBB on OS X from a clean slate is
 currently being discussed in #8246 and I think it is a reasonable goal to
 try to work homebrew into the process. Homebrew ensures that a similar
 hash check is done on software before it installs the software. Thus we'll
 nearly have a totally trusted chain of tools and source code to build TBB
 on OS X. Later, I think we should ensure this is the same for all
 platforms.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8288>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #8288 [Tor bundles/installation]: security, relability and repeatability issues in the TBB build process
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #8287 [- Select a component]: XML Source Box continuously on firefox in linux mint
Next by Author: Re: [tor-bugs] #8286 [Tor bundles/installation]: Fetch software during TBB build process only over trusted HTTPS
Previous by thread: Re: [tor-bugs] #8287 [TorBrowserButton]: XML Source Box continuously on firefox in linux mint
Next by thread: Re: [tor-bugs] #8288 [Tor bundles/installation]: security, relability and repeatability issues in the TBB build process
Index(es):
- Author
- Thread