I don't understand.   I seriously doubt the cia would be interested in this
feature.  From what you describe, every internet-shared facility is
insecure.  Your argument means no code could ever be disrtributed via the
net.

I'm not proposing that this would be forced on anyone.  I'm just suggesting
it for people like me.

----- Original Message -----
From: "Dan Sugalski" <dan / sidhe.org>
To: "ruby-talk ML" <ruby-talk / ruby-lang.org>
Sent: Sunday, January 06, 2002 7:03 PM
Subject: [ruby-talk:30410] Re: snippet exchange (was: Re: Re: chomp for
arrays?)


> At 11:48 AM 1/7/2002 +0900, Rich Kilmer wrote:
> >Right and the way to address this is to have a public/private encryption
key
> >pair that signs the stored RubyGem/code a la Java Jar signing.
>
> I'm not entirely sure that this would be sufficient.
>
> No, that's not true. I'm entirely sure it's not sufficient. I can think of
> many, many ways to crock this. You're counting on the remote keyserver
> being trustworthy (they aren't), DNS being trustworthy (it isn't), that
the
> signing entity is trustworthy (they aren't), and that the source you're
> fetching is safe to use sight unseen (it isn't).
>
> Someone could poison your DNS cache. The remote repository can be
> compromised.   The keyserver can be compromised. A proxy in the middle of
> the transaction can be compromised or poisoned. The person providing the
> code can be less trustworthy than you think they are.
>
> Yeah, these are all potential issues when installing any chunk of code
from
> the net, but at least with a manual install you have a chance to check
> things out even if you choose not to. With automagic loading, you take all
> the potential checks out of the process. (FWIW, I considered this and
> discarded it for parrot. It's the sort of thing I'd not allow to be
> installed on a system I administered)
>
> > > -----Original Message-----
> > > From: Dan Sugalski [mailto:dan / sidhe.org]
> > > Sent: Sunday, January 06, 2002 9:38 PM
> > > To: ruby-talk ML
> > > Subject: [ruby-talk:30401] Re: snippet exchange (was: Re: Re: chomp
for
> > > arrays?)
> > >
> > >
> > > At 06:31 AM 1/7/2002 +0900, Mark Hahn wrote:
> > >
> > > >A daydream of mine is a "super-require" that if the file was not
> > > found, the
> > > >loader would go to a central place on the web and load it (sort of
like
> > > >marimba).  I don't tend to use other people's modules just
> > > because I'm too
> > > >lazy to find and install them.
> > >
> > > That's a rather dangerous thing to implement. There are an awful lot
of
> > > security issues there...
>
>
> Dan
>
> --------------------------------------"it's like this"-------------------
> Dan Sugalski                          even samurai
> dan / sidhe.org                         have teddy bears and even
>                                       teddy bears get drunk
>