08-22-2008, 01:09 PM
David Both
Infrastructure report, 2008-08-22 UTC 1200

Any information on the attack vector?

Paul W. Frields wrote:

> Last week we discovered that some Fedora servers were illegally
> accessed. The intrusion into the servers was quickly discovered, and the
> servers were taken offline.
>
> Security specialists and administrators have been working since then to
> analyze the intrusion and the extent of the compromise as well as
> reinstall Fedora systems. We are using the requisite outages as an
> opportunity to do other upgrades for the sake of functionality as well
> as security. Work is ongoing, so please be patient. Anyone with
> pertinent information relating to this event is asked to contact
> fedora-legal@redhat.com.
>
> One of the compromised Fedora servers was a system used for signing
> Fedora packages. However, based on our efforts, we have high confidence
> that the intruder was not able to capture the passphrase used to secure
> the Fedora package signing key. Based on our review to date, the
> passphrase was not used during the time of the intrusion on the system
> and the passphrase is not stored on any of the Fedora servers.
>
> While there is no definitive evidence that the Fedora key has been
> compromised, because Fedora packages are distributed via multiple
> third-party mirrors and repositories, we have decided to convert to new
> Fedora signing keys. This may require affirmative steps from every
> Fedora system owner or administrator. We will widely and clearly
> communicate any such steps to help users when available.
>
> Among our other analyses, we have also done numerous checks of the
> Fedora package collection, and a significant amount of source
> verification as well, and have found no discrepancies that would
> indicate any loss of package integrity. These efforts have also not
> resulted in the discovery of additional security vulnerabilities in
> packages provided by Fedora.
>
> Our previous warnings against further package updates were based on an
> abundance of caution, out of respect for our users. This is also why we
> are proceeding with plans to change the Fedora package signing key. We
> have already started planning and implementing other additional
> safeguards for the future. At this time we are confident there is little
> risk to Fedora users who wish to install or upgrade signed Fedora
> packages.
>
> In connection with these events, Red Hat, Inc. detected an intrusion of
> certain of its computer systems and has issued a communication to Red
> Hat Enterprise Linux users which can be found at
> http://rhn.redhat.com/errata/RHSA-2008-0855.html. This communication
> states in part, "Last week Red Hat detected an intrusion on certain of
> its computer systems and took immediate action. While the investigation
> into the intrusion is on-going, our initial focus was to review and test
> the distribution channel we use with our customers, Red Hat Network
> (RHN) and its associated security measures. Based on these efforts, we
> remain highly confident that our systems and processes prevented the
> intrusion from compromising RHN or the content distributed via RHN and
> accordingly believe that customers who keep their systems updated using
> Red Hat Network are not at risk. We are issuing this alert primarily for
> those who may obtain Red Hat binary packages via channels other than
> those of official Red Hat subscribers."
>
> It is important to note that the effects of the intrusion on Fedora and
> Red Hat are *not* the same. Accordingly, the Fedora package signing key
> is not connected to, and is different from, the one used to sign Red Hat
> Enterprise Linux packages. Furthermore, the Fedora package signing key
> is also not connected to, and is different from, the one used to sign
> community Extra Packages for Enterprise Linux (EPEL) packages.
>
> We will continue to keep the Fedora community notified of any updates.
>
> Thank you again for your patience.

--
*********************************************************
"I'd put my money on the sun and solar energy. What a source of power! I hope we don't have to wait until oil and coal run out before we tackle that."
- Thomas Edison, in conversation with Henry Ford and Harvey Firestone, 1931
*********************************************************
David P. Both



--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
08-22-2008, 02:33 PM
"Alexandre Dulaunoy"
Infrastructure report, 2008-08-22 UTC 1200

On Fri, Aug 22, 2008 at 2:00 PM, Paul W. Frields <stickster@gmail.com> wrote:


> One of the compromised Fedora servers was a system used for signing
> Fedora packages. However, based on our efforts, we have high confidence
> that the intruder was not able to capture the passphrase used to secure
> the Fedora package signing key.

Sorry, but there is information on the redhat.com website that somehow
contradicts the fact that the attacker was not able to capture the
passphrase (and sign packages):

http://www.redhat.com/security/data/openssh-blacklist.html

"In connection with the incident, the intruder was able to sign a
small number of OpenSSH packages relating only to Red Hat Enterprise
Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise
Linux 5 (x86_64 architecture only)."

For what I know, there is a separation between Red Hat and the Fedora
Project, but if the attacker was able to sign packages for Red Hat
Enterprise.... why was he not able to do the same for Fedora packages
(including source packages)?

Could you provide us more information about differences in the signing
process between Fedora and Red Hat? At least to give us some views why
we should be confident in the past and current signed packages.

Thanks a lot,

adulau

--
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://www.foo.be/cgi-bin/wiki.pl/Diary
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov

08-22-2008, 02:52 PM
Rahul Sundaram
Infrastructure report, 2008-08-22 UTC 1200

Alexandre Dulaunoy wrote:

[Not speaking for anyone else except myself here]

>> One of the compromised Fedora servers was a system used for signing
>> Fedora packages. However, based on our efforts, we have high confidence
>> that the intruder was not able to capture the passphrase used to secure
>> the Fedora package signing key.
>
> Sorry, but there is information on the redhat.com website that somehow
> contradicts the fact that the attacker was not able to capture the
> passphrase (and sign packages):

The above quote refers to Fedora packages while the website link refers
to RHEL packages. I don't see the contradiction.

> http://www.redhat.com/security/data/openssh-blacklist.html
>
> "In connection with the incident, the intruder was able to sign a
> small number of OpenSSH packages relating only to Red Hat Enterprise
> Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise
> Linux 5 (x86_64 architecture only)."
>
> For what I know, there is a separation between Red Hat and the Fedora
> Project, but if the attacker was able to sign packages for Red Hat
> Enterprise.... why was he not able to do the same for Fedora packages
> (including source packages)?
>
> Could you provide us more information about differences in the signing
> process between Fedora and Red Hat? At least to give us some views why
> we should be confident in the past and current signed packages.

The keys and systems used for signing packages are different for Fedora,
EPEL and RHEL as the announcement indicates and if someone signed Fedora
packages with RHEL keys, that can be detected easily.


Rahul

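Rahul's point that a Fedora package signed with the wrong key "can be detected easily" is worth making concrete. What follows is an added example, not code from this thread or from Fedora's or Red Hat's infrastructure: it audits lines shaped like the output of `rpm -qp --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH} %{SIGPGP:pgpsig}\n' *.rpm` against the key IDs a repository is expected to be signed with, and reports every package that is unsigned or signed by any other key. The sample lines and every key ID in them are constructed placeholders, not real Fedora or Red Hat key IDs.

```python
import re

# Constructed sample, shaped like the output of
#   rpm -qp --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH} %{SIGPGP:pgpsig}\n' *.rpm
# The key IDs are placeholders, not the real Fedora or Red Hat key IDs.
SAMPLE_OUTPUT = """\
openssh-5.1p1-3.fc9.x86_64 DSA/SHA1, Fri 15 Aug 2008 10:12:03 AM UTC, Key ID 1111111111111111
kernel-2.6.26.3-29.fc9.x86_64 DSA/SHA1, Mon 18 Aug 2008 02:44:51 PM UTC, Key ID 1111111111111111
openssh-server-5.1p1-3.fc9.x86_64 DSA/SHA1, Sat 16 Aug 2008 09:01:17 PM UTC, Key ID 2222222222222222
foo-1.0-1.fc9.noarch (none)
"""

# Key IDs this repository is allowed to be signed with (placeholder value).
# 8-hex short IDs are accepted for older rpm output, but a 16-hex long ID is
# the better allowlist entry because short IDs collide easily.
ALLOWED_KEY_IDS = {"1111111111111111"}

LINE_RE = re.compile(r"^(?P<pkg>\S+)\s+(?P<sig>.*)$")
KEYID_RE = re.compile(r"Key ID (?P<kid>[0-9a-fA-F]{8,16})\s*$")


def parse_line(line):
    """Return (package, key_id); key_id is None for an unsigned package."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised rpm output line: {line!r}")
    k = KEYID_RE.search(m.group("sig"))
    return m.group("pkg"), (k.group("kid").lower() if k else None)


def key_matches(key_id, allowed_id):
    """Compare IDs of equal length exactly; otherwise on the low 32 bits only."""
    key_id, allowed_id = key_id.lower(), allowed_id.lower()
    if len(key_id) == len(allowed_id):
        return key_id == allowed_id
    return key_id[-8:] == allowed_id[-8:]


def audit_signatures(output, allowed_ids):
    """Return [(package, key_id, reason)] for every package failing the check."""
    findings = []
    for line in output.splitlines():
        if not line.strip():
            continue
        pkg, kid = parse_line(line)
        if kid is None:
            findings.append((pkg, None, "unsigned"))
        elif not any(key_matches(kid, a) for a in allowed_ids):
            findings.append((pkg, kid, "unexpected-key"))
    return findings


if __name__ == "__main__":
    for pkg, kid, reason in audit_signatures(SAMPLE_OUTPUT, ALLOWED_KEY_IDS):
        print(f"{reason:15} {pkg} key={kid}")
```

This only answers which key a package claims to be signed with; it does not verify the signature, so `rpm -K` against an imported, fingerprint-checked public key is still needed on top, and the script trusts whatever rpm output it is fed.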
08-22-2008, 02:54 PM
Michael J Gruber
Infrastructure report, 2008-08-22 UTC 1200

Alexandre Dulaunoy came, saw, and said on 22.08.2008 16:33:
> On Fri, Aug 22, 2008 at 2:00 PM, Paul W. Frields <stickster@gmail.com> wrote:
>
>
>> One of the compromised Fedora servers was a system used for signing
>> Fedora packages. However, based on our efforts, we have high confidence
>> that the intruder was not able to capture the passphrase used to secure
>> the Fedora package signing key.
>
> Sorry, but there is information on the redhat.com website that somehow
> contradicts the fact that the attacker was not able to capture the
> passphrase (and sign packages):
>
> http://www.redhat.com/security/data/openssh-blacklist.html
>
> "In connection with the incident, the intruder was able to sign a
> small number of OpenSSH packages relating only to Red Hat Enterprise
> Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise
> Linux 5 (x86_64 architecture only)."
>
> For what I know, there is a separation between Red Hat and the Fedora
> Project, but if the attacker was able to sign packages for Red Hat
> Enterprise.... why was he not able to do the same for Fedora packages
> (including source packages)?
>
> Could you provide us more information about differences in the signing
> process between Fedora and Red Hat? At least to give us some views why
> we should be confident in the past and current signed packages.
>
> Thanks a lot,
>
> adulau

As Paul pointed out, the keys are different, and the Fedora key was not
in use (no passphrase typed in) during the critical time frame. Funny
thing is:

- Fedora's key will be changed, not RHEL's, which has been compromised.
- High security private keys are best kept in bare metal and used on
boxes without incoming network. This doesn't seem to apply to the
package signing keys.

Michael

08-22-2008, 03:06 PM
"Bill Crawford"
Infrastructure report, 2008-08-22 UTC 1200

2008/8/22 Michael J Gruber <michaeljgruber+gmane@fastmail.fm>:

> - Fedora's key will be changed, not RHEL's, which has been compromised.
> - High security private keys are best kept in bare metal and used on
> boxes without incoming network. This doesn't seem to apply to the
> package signing keys.

We don't know that the RHEL key has been compromised; perhaps dodgy
packages were fed to a signing mechanism that was not directly
accessible to the attacker (and maybe they detected the intrusion
because someone noticed something fishy about the packages they were
signing?) .... we don't know the full story. Maybe RHEL will have
updated keys distributed via RHN. *shrug*

08-22-2008, 03:10 PM
"Alexandre Dulaunoy"
Infrastructure report, 2008-08-22 UTC 1200

On Fri, Aug 22, 2008 at 4:54 PM, Michael J Gruber
<michaeljgruber+gmane@fastmail.fm> wrote:

>
> As Paul pointed out, the keys are different, and the Fedora key was not
> in use (no passphrase typed in) during the critical time frame.

Yep. Just wondering how the attacker retrieved the passphrase for Red Hat.

Looking at this paper[1], gpg is quite safe regarding its memory use
while processing the passphrase, except if you use a terminal that will
intercept and store the passphrase somewhere in memory ;-)

Could be very interesting to know how the attacker was able to catch
the passphrase (maybe via a bash_history containing the passphrase typed
at the shell prompt ;-)

[1] http://philosecurity.org/pubs/davidoff-clearmem-linux.pdf

> Funny thing is:
>
> - Fedora's key will be changed, not RHEL's, which has been compromised.
> - High security private keys are best kept in bare metal and used on
> boxes without incoming network. This doesn't seem to apply to the
> package signing keys.

This is a very good point. Signing with the key should be done on a
dedicated system where there is no permanent network connectivity. Maybe
that could be a good enhancement for the future ;-)

Thanks for the feedback,

adulau

--
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://www.foo.be/cgi-bin/wiki.pl/Diary
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov

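Alexandre's guess that the passphrase ended up in a shell history, and Michael's point about keeping signing keys on an isolated box, both come down to where a passphrase can leak on the signing host. As an added example, not from this thread, here is a small audit of the history-file side of that: it flags lines where a passphrase was handed to gpg or rpm on the command line, lines where it was piped in with echo or printf, and, heuristically, a line directly after a signing command that does not start with a recognisable command (the shape a history file takes when a passphrase was typed into the wrong prompt). The history content, including the fake passphrases, is constructed for the example, and the command allowlist is a deliberately small assumption.

```python
import re

# Constructed sample of a ~/.bash_history, with made-up passphrases.
SAMPLE_HISTORY = """\
cd ~/build
rpm --addsign openssh-5.1p1-3.fc9.x86_64.rpm
correct horse battery staple
ls -l
gpg --batch --passphrase hunter2 --detach-sign kernel.tar.gz
echo hunter2 | gpg --passphrase-fd 0 --detach-sign kernel.tar.gz
gpg --detach-sign --use-agent kernel.tar.gz
ls
"""

# Commands commonly seen in a history file. Deliberately small (an assumption
# of this example): a line whose first word is not listed is only reported
# when it directly follows a signing command, so an unlisted but legitimate
# command there costs a false positive rather than a miss.
KNOWN_COMMANDS = {
    "cd", "ls", "cat", "less", "grep", "cp", "mv", "rm", "mkdir", "pwd",
    "vim", "vi", "sudo", "export", "echo", "printf", "make", "git",
    "ssh", "scp", "gpg", "gpg2", "rpm", "rpmbuild", "history", "clear", "exit",
}

# A signing invocation of gpg or rpm (long options only, for clarity).
SIGN_CMD_RE = re.compile(
    r"\b(?:gpg2?|rpm)\b.*(?:--sign|--detach-sign|--clearsign|--addsign|--resign)\b"
)
# --passphrase followed by a literal value. --passphrase-fd and
# --passphrase-file do not match because the next character is '-'.
PASSPHRASE_ARG_RE = re.compile(r"--passphrase(?:=|\s+)\S")
# A literal echoed or printed into gpg/rpm on the same line.
ECHO_PIPE_RE = re.compile(r"^\s*(?:echo|printf)\b.*\|\s*(?:gpg2?|rpm)\b")


def audit_history(text):
    """Return [(line_number, finding)] in line order; line numbers are 1-based."""
    findings = []
    previous_was_signing = False
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped:
            previous_was_signing = False
            continue
        first_word = stripped.split()[0]
        if PASSPHRASE_ARG_RE.search(stripped):
            findings.append((lineno, "passphrase-on-command-line"))
        elif ECHO_PIPE_RE.search(stripped):
            findings.append((lineno, "passphrase-piped-via-echo"))
        elif previous_was_signing and first_word not in KNOWN_COMMANDS:
            # Heuristic: a non-command right after a signing command is the
            # shape left behind when a passphrase was typed at the shell.
            findings.append((lineno, "stray-line-after-signing"))
        previous_was_signing = bool(SIGN_CMD_RE.search(stripped))
    return findings


if __name__ == "__main__":
    for lineno, finding in audit_history(SAMPLE_HISTORY):
        print(f"line {lineno}: {finding}")
```

`stray-line-after-signing` hits need a human eye, since an unlisted but harmless command trips the same heuristic; the other two categories are unambiguous. Any hit on a signing host means the passphrase has to be treated as exposed, which is why the history file is worth checking as part of the incident review and not only as a hygiene measure.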
08-22-2008, 04:44 PM
Rahul Sundaram
Infrastructure report, 2008-08-22 UTC 1200

Michael J Gruber wrote:

> - Fedora's key will be changed, not RHEL's, which has been compromised.

No indication of the latter. The setup is different. Refer

http://www.awe.com/mark/blog/200701300906.html

Rahul

08-22-2008, 04:59 PM
"Miles Sabin"
Infrastructure report, 2008-08-22 UTC 1200

On Fri, Aug 22, 2008 at 5:44 PM, Rahul Sundaram
<sundaram@fedoraproject.org> wrote:
> Michael J Gruber wrote:
>
>> - Fedora's key will be changed, not RHEL's, which has been compromised.
>
> No indication of the latter. The setup is different. Refer
>
> http://www.awe.com/mark/blog/200701300906.html

Only if you define "compromised" as possession of the unencrypted private key.

The RHEL signing keys have, however, been used by an unauthorized
party to sign unauthorized packages. Some people would say that that
qualified as "compromised" on any reasonable definition.

Incidentally, what does "with high probability" mean? Anything more
than "we're pretty sure, but we can't really say how sure"?

Cheers,


Miles

08-22-2008, 05:08 PM
Rahul Sundaram
Infrastructure report, 2008-08-22 UTC 1200

Miles Sabin wrote:

> On Fri, Aug 22, 2008 at 5:44 PM, Rahul Sundaram
> wrote:
>
>> Michael J Gruber wrote:
>>
>>> - Fedora's key will be changed, not RHEL's, which has been compromised.
>>
>> No indication of the latter. The setup is different. Refer
>>
>> http://www.awe.com/mark/blog/200701300906.html
>
> Only if you define "compromised" as possession of the unencrypted private key.
>
> The RHEL signing keys have, however, been used by an unauthorized
> party to sign unauthorized packages. Some people would say that that
> qualified as "compromised" on any reasonable definition.

Yes but if it requires physical access, there is no need to generate a
new key.

> Incidentally, what does "with high probability" mean? Anything more
> than "we're pretty sure, but we can't really say how sure"?

Probably it means they don't have any reason to believe otherwise.

Rahul

08-22-2008, 05:13 PM
"Miles Sabin"
Infrastructure report, 2008-08-22 UTC 1200

On Fri, Aug 22, 2008 at 6:08 PM, Rahul Sundaram
<sundaram@fedoraproject.org> wrote:
>> The RHEL signing keys have, however, been used by an unauthorized
>> party to sign unauthorized packages. Some people would say that that
>> qualified as "compromised" on any reasonable definition.
>
> Yes but if it requires physical access, there is no need to generate a new
> key.

There are bogus packages already signed and quite possibly out in the
wild ... what do you mean there's no need to generate a new key?

Cheers,


Miles
