On Sat, 2009-04-18 at 16:56 +0200, Till Maas wrote:
> This is what I know and hope is true: The deltarpm tools are only used to
> regenerate the original rpms instead of downloading them. Therefore they still
> need to pass all verification that yum or rpm do, e.g. checking the gpg
> signature. Therefore an attacker needs access to the signing keys to create a
> malicious deltarpm that has a real security impact.

Exactly. The md5 checksum in the deltarpm functions as just that, a
checksum against accidental corruption. The security check comes from
the gpg signature after the rpm has been regenerated.
Jonathan
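
The distinction drawn in this thread, as an added toy model (not code from deltarpm, yum or rpm, and not part of either message): an unkeyed md5 inside the delta catches accidental damage, while only the signature check on the regenerated package catches a deliberate change. The delta layout, the sample bytes and the use of HMAC-SHA256 as a stand-in for the GPG signature are assumptions made for the illustration.

```python
import hashlib
import hmac

# Assumption: HMAC-SHA256 under a key the attacker lacks stands in for the
# packager's GPG signature (real rpm verifies with a public key instead).
SIGNING_KEY = b"constructed-demo-key"

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data, usedforsecurity=False).hexdigest()

def sign(rpm: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, rpm, hashlib.sha256).digest()

def make_delta(old: bytes, new: bytes, sig: bytes) -> dict:
    """Toy delta: shared-prefix length, new tail, md5 of the target, signature."""
    keep = 0
    while keep < min(len(old), len(new)) and old[keep] == new[keep]:
        keep += 1
    return {"keep": keep, "tail": new[keep:], "md5": md5_hex(new), "sig": sig}

def install(old: bytes, delta: dict) -> str:
    rebuilt = old[:delta["keep"]] + delta["tail"]
    # Step 1: unkeyed checksum. Anyone can recompute it, so it only catches
    # accidental damage to the delta.
    if md5_hex(rebuilt) != delta["md5"]:
        return "corrupt-delta"
    # Step 2: signature over the regenerated package. This is the security check.
    if not hmac.compare_digest(sign(rebuilt), delta["sig"]):
        return "bad-signature"
    return "ok"

def run_cases() -> dict:
    old, new = b"pkg-1.0 payload", b"pkg-1.1 payload"   # constructed sample data
    sig = sign(new)                                       # made by the key holder
    genuine = make_delta(old, new, sig)
    # Accidental corruption: one byte of the tail changes, md5 field does not.
    corrupted = dict(genuine, tail=genuine["tail"][:-1] + b"X")
    # Deliberate change without the key: md5 is recomputed, signature cannot be.
    tampered = make_delta(old, b"pkg-1.1 modified", sig)
    return {name: install(old, d) for name, d in
            [("genuine", genuine), ("corrupted", corrupted), ("tampered", tampered)]}

if __name__ == "__main__":
    print(run_cases())
```

The tampered case passes the md5 step and is rejected only at the signature step, which is why the regenerated rpm must go through the same signature verification as a directly downloaded one.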