[Rd] Wrongly checked MD5 checksums in R 3.2.0's windows binary

peter dalgaard pdalgd at gmail.com
Mon May 11 17:00:48 CEST 2015


> On 11 May 2015, at 15:53 , Duncan Murdoch <murdoch.duncan at gmail.com> wrote:
> 
> On 11/05/2015 9:35 AM, Tal Galili wrote:
>> Hi Duncan,
>> Thank you for the clarification. :)
>> 
>> I ended up removing these files from being scanned in the updated version of installr. I would rather focus on supporting an MD5 scan that is based on what is listed in MD5 file itself (ignoring exceptions that are not clearly stated in the file).
>> 
> 
> I'm not sure what the purpose is of your test, but if it is to detect modified files, that might not be a good strategy.  A malicious agent could install fake bin/R.exe or bin/Rscript.exe and not be caught.
> 
> Of course, if they knew to modify those two files but not any others, they would know enough to also install a fake MD5 file, and then there's basically nothing you could do.
> 
> Duncan

As a general matter, checksumming is useless against tampering if you ship the checksums with the files (that's why I put the checksums in the release announcements: so that they travel alon a different route to the user). If you do, they only make sense as safeguards against technical errors (such as the infamous CR/CRLF conversions).

I still don't get why Tal refuses to work out the apparently quite simple logic that decides which checksums should be used to check the installed R.exe and Rscript.exe.

-- 
Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Email: pd.mes at cbs.dk  Priv: PDalgd at gmail.com



More information about the R-devel mailing list