hackage, cabal-get, and security

Isaac Jones ijones at syntaxpolice.org
Tue May 17 01:51:55 EDT 2005


Bulat Ziganshin <bulatz at HotPOP.com> writes:

> Hello Isaac,
>
> Wednesday, May 11, 2005, 7:37:07 PM, you wrote:
>
>>> Security is becoming ever more important, and the Haskell community
>>> is growing, thereby increasing the currently remote possibility of
>>> deliberate malware.  Since installation via hackage will be both
>>> automatic, and often performed with root access, it is essential
>>> to have a good security model from the beginning.  
>
> i suggest some compromise variant: signing packages with gnupg, and
> including all the necessary functionality in the hackage itself.
> hackage must be able to generate key and to automatically sign
> uploaded packages - so this will not require additional skills from
> package writer as currently don't require from package's users
>
> not every package writer are want and able to master another complex
> program - in this case, gnupg. and if Haskell popularity will grow,
> percent of such people among all package writers will grow. look at me
> as example :)

I hope that cabal-put will cover details of how to use gnupg.  It's
not terribly hard to do the few things that cabal-put needs, but I
hope it can automate them.  Hackage will also sign the packages, but
that's another part of the chain, and not sufficient.  Packagers also
have to sign their own packages.

> so, i think, that attention must be moved to easying of generating
> keys and autosigning uploaded packages. if this will be impossible,
> then we must use, i think, at least simple password scheme for
> uploading unsigned packages. in any way, hackage server must ensure
> that packages are not overwitten by non-authors

I agree.

peace,

   isaac


More information about the Libraries mailing list