Bug 188432

Summary: portsnap(8): MITM attacks against portsnap mirrors (pmirror.sh)
Product: Base System
Reporter: David <david.i.noel>
Component: bin
Assignee: Colin Percival <cperciva>
Status: Closed Overcome By Events
Severity: Affects Many People
CC: david.i.noel
Priority: Normal
Version: Unspecified
Hardware: Any
OS: Any

Description David 2014-04-10 17:30:01 UTC
The portsnap mirroring script pmirror.sh lacks any sort of mechanism to verify fetched data prior to processing and mirroring it. Without this, mirrors are open to compromise via decompression library exploitation. It also means an attacker could feed a mirror a corrupt archive, opening users of that mirror to compromise.

Fix: 

Solution summary: The addition of hashes and hash verification code to pmirror.sh.

The lines of concern in pmirror.sh are 99-103, 121-125, 138-149, and 153-157.
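
The kind of check the solution summary above asks for, as an added example that is not part of the bug report and not code from pmirror.sh: compare a fetched archive's SHA-256 against an expected value before anything decompresses it. The function names, file layout and `.rejected` suffix are hypothetical, and the example assumes the expected digest reaches the mirror over a channel it already authenticates (for example a signed index).

```shell
#!/bin/sh
# Added illustration; not taken from pmirror.sh. All names are hypothetical.

# Print the SHA-256 of a file as lowercase hex, using whichever tool exists.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"                       # FreeBSD base system
    elif command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d ' ' -f 1     # GNU coreutils
    else
        openssl dgst -sha256 -r "$1" | cut -d ' ' -f 1
    fi
}

# verify_fetched FILE EXPECTED_HEX
# Returns 0 only if FILE is a regular file whose digest equals EXPECTED_HEX.
verify_fetched() {
    file=$1; expected=$2
    # The expected value must be exactly 64 lowercase hex characters.
    case "$expected" in
        *[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    # Refuse symlinks and non-regular files before reading anything.
    [ -f "$file" ] && [ ! -L "$file" ] || return 3
    actual=$(sha256_of "$file") || return 4
    [ "$actual" = "$expected" ]
}

# process_if_valid FILE EXPECTED_HEX DESTDIR
# The decompressor only ever sees data whose digest matched; anything else
# is renamed out of the way so it is never processed or mirrored onward.
process_if_valid() {
    if verify_fetched "$1" "$2"; then
        mkdir -p "$3" && gunzip -c "$1" > "$3/$(basename "$1" .gz)"
    else
        mv -f "$1" "$1.rejected" 2>/dev/null
        return 1
    fi
}
```

The ordering is the point: the digest comparison runs on the raw bytes, so a malformed archive is rejected before it reaches the decompression library.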
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2014-04-14 00:37:33 UTC
Responsible Changed
From-To: freebsd-bugs->cperciva

Over to maintainer.
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2018-05-28 19:43:51 UTC
batch change:

For bugs that match the following
-  Status Is In progress 
AND
- Untouched since 2018-01-01.
AND
- Affects Base System OR Documentation

DO:

Reset to open status.


Note:
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2025-01-21 16:28:20 UTC
^Triage: portsnap was disconnected from the build 20230420.