Reproducible tarballs on Github?

Daniel Shahaf danielsh at apache.org
Mon Oct 25 19:21:45 UTC 2021


David A. Wheeler wrote on Sun, 24 Oct 2021 01:41 +00:00:
>> On Oct 23, 2021, at 3:23 PM, Arthur Gautier <baloo at superbaloo.net> wrote:
>> All I'm suggesting is to checksum the inflated version of the archive
>> and not the compressed one.
>
> Checksumming the inflated version makes sense to me, so that improved/varying
> compression doesn’t matter (since it produces the same result).

One downside here is that the verifying end would have to decompress
untrusted data before verifying it.

Anecdotally, there's at least one project that elected to reduce the
attack surface by redundantly MAC'ing compressed data, specifically to
defend against "a theoretical attacker who … "has found a security
flaw in zlib decoding" (quoting https://www.tarsnap.com/crypto.html,
third bullet).

Cheers,

Daniel


> Sounds like maybe GitHub doesn’t need to change anything.
> If someone thinks GitHub *does* need to change something, I’d like to know
> exactly what practical change is desired.
>
> --- David A. Wheeler
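The trade-off discussed above (a digest of the inflated tar stream survives recompression, but checking only that digest forces the verifier to run a decompressor on unverified bytes) can be made concrete. The following is an added example, not code from the thread or from any of the projects mentioned in it; the archive contents are constructed, the `verify` function and its parameters are assumptions for illustration, and the output cap stands in for whatever limit a real verifier would apply.

```python
"""Compare checksums of a compressed archive with checksums of its inflated tar stream.

Shows (a) that two valid gzip encodings of the same tar have different
compressed digests but the same inflated digest, and (b) a verifier that
only runs the decompressor on bytes that already matched a trusted digest,
falling back to a size-capped inflate when no compressed digest is known.
"""
import gzip
import hashlib
import io
import tarfile

# Constructed sample release contents; not a real project.
FILES = {
    "pkg/README": b"hello\n",
    "pkg/src/main.c": b"int main(void) { return 0; }\n",
}


def build_tar(files: dict) -> bytes:
    """Deterministic uncompressed tar: sorted names, fixed mtime/uid/gid/owner."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tf:
        for name in sorted(files):
            data = files[name]
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = 0
            info.uid = info.gid = 0
            info.uname = info.gname = ""
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def inflate_capped(blob: bytes, max_bytes: int) -> bytes:
    """Gunzip with an output cap so a decompression bomb cannot exhaust memory."""
    with gzip.GzipFile(fileobj=io.BytesIO(blob), mode="rb") as gz:
        out = gz.read(max_bytes + 1)  # read at most one byte past the cap
    if len(out) > max_bytes:
        raise ValueError("inflated size exceeds cap of %d bytes" % max_bytes)
    return out


def verify(blob: bytes, expected_inflated: str,
           expected_compressed: str = None, max_bytes: int = 1 << 20) -> bool:
    """Assumed verifier (illustration only).

    If a digest of the compressed bytes is available, check it first: then the
    decompressor only ever sees data that already matched a trusted digest.
    Otherwise the decompressor must run on unverified input, so at least cap
    its output before checking the inflated digest.
    """
    if expected_compressed is not None and sha256(blob) != expected_compressed:
        return False  # rejected before any decompression happened
    inflated = inflate_capped(blob, max_bytes)
    return sha256(inflated) == expected_inflated


def demo() -> dict:
    """Two encodings of one tar: different gzip level and header mtime."""
    tar = build_tar(FILES)
    a = gzip.compress(tar, compresslevel=1, mtime=0)
    b = gzip.compress(tar, compresslevel=9, mtime=1_600_000_000)
    return {
        "tar": sha256(tar),
        "compressed_a": sha256(a),
        "compressed_b": sha256(b),
        "inflated_a": sha256(inflate_capped(a, 1 << 20)),
        "inflated_b": sha256(inflate_capped(b, 1 << 20)),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:13s} {v}")
```

Running it prints five digests: the two `compressed_*` values differ while both `inflated_*` values equal the digest of the tar stream. `verify` shows the ordering the message argues for: when a compressed-bytes digest is available it is checked before `inflate_capped` is ever called, and when it is not, the cap is the remaining mitigation for feeding untrusted data to the decompressor.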

