Mail Archives: cygwin/2015/04/02/21:23:45

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
In-Reply-To: <E1Ydjc5-0000kv-WD@rmm6prod02.runbox.com>
References: <E1Ydjc5-0000kv-WD AT rmm6prod02 DOT runbox DOT com>
Date: Thu, 2 Apr 2015 21:23:16 -0400
Message-ID: <CADi7v6JKmP7Q2Bb9FgR0rjqQ+F1a_Y6nrG=v8x7WcesqKzXP4Q@mail.gmail.com>
Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool?
From: Bryan Berns <bryan DOT berns AT gmail DOT com>
To: dwheeler AT dwheeler DOT com, cygwin AT cygwin DOT com

> Has Cygwin considered signing the installer using Sign Tool? More info:
>   https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764%28v=vs.85%29.aspx
>   http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/
>
> I believe signing it this way would eliminate the "unknown publisher"; it would also protect the many people who don't follow the current signature-checking process.  This would create a strong barrier against code subversion after release.
>
> The signed executable could also be signed using the current process, so you don't need to *eliminate* any capability.  I can't provide a patch to do this, obviously :-).
>
> --- David A. Wheeler

Ultimately, this is probably a Corinna question since I believe she
compiles the setup executable, but I'll provide my general input as a
software developer.

Firstly, the tools to sign an executable are certainly available as
part of the Windows SDK which is freely downloadable -- so no problem
there.   However, we would have to determine which publicly trusted
certificate to use (using a self-signed cert would likely produce the
same message) and whether signing the executable is the *right* thing
to do.
Since the setup executable is responsible for running a whole bunch of
community-contributed post-install executables as part of the
installation process, I'm not sure whether it'd be advisable to stamp
a particular individual's name or company's name on the executive
installer (e.g. Red Hat, for example).  If a tainted executable was
uploaded into the package repository and subsequently flagged, the
certificate authority may have to revoke the certificate, which is
never good for publicity of the signer.  For most pieces of software,
the maintainer or the maintainer's company can very confidently vouch
for the content of the installation package and executables within it.
In the Cygwin world, this accountability is a little more distributed
between the package maintainers and source code contributors.  That
said, I have the utmost respect for the package maintainers and I've
never had any security problems with the Cygwin packages other than
stupid antivirus false positives and some dirty limericks that got
installed (my HR department didn't like that).

So that's my two cents.  For all I know the *real* reason it's not
signed is "nobody had asked for it".

- Bryan
