[Rd] Wrongly checked MD5 checksums in R 3.2.0's windows binary

peter dalgaard pdalgd at gmail.com
Mon May 11 17:00:48 CEST 2015

> On 11 May 2015, at 15:53 , Duncan Murdoch <murdoch.duncan at gmail.com> wrote:
> On 11/05/2015 9:35 AM, Tal Galili wrote:
>> Hi Duncan,
>> Thank you for the clarification. :)
>> I ended up removing these files from being scanned in the updated version of installr. I would rather focus on supporting an MD5 scan that is based on what is listed in MD5 file itself (ignoring exceptions that are not clearly stated in the file).
> I'm not sure what the purpose is of your test, but if it is to detect modified files, that might not be a good strategy.  A malicious agent could install fake bin/R.exe or bin/Rscript.exe and not be caught.
> Of course, if they knew to modify those two files but not any others, they would know enough to also install a fake MD5 file, and then there's basically nothing you could do.
> Duncan

As a general matter, checksumming is useless against tampering if you ship the checksums with the files (that's why I put the checksums in the release announcements: so that they travel along a different route to the user). If you do, they only make sense as safeguards against technical errors (such as the infamous CR/CRLF conversions).

I still don't get why Tal refuses to work out the apparently quite simple logic that decides which checksums should be used to check the installed R.exe and Rscript.exe.

Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Email: pd.mes at cbs.dk  Priv: PDalgd at gmail.com
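As an added illustration of Peter's point (example code, not from the thread, from R or from installr): a small checker that verifies files against an md5sum-style listing, plus a second check that pins the listing itself to a digest published by another route. The file names, contents and the `announced` value are constructed for the demo.

```python
import hashlib
import os
import tempfile

def parse_md5_file(text):
    """Parse md5sum-style lines: '<hex>  <name>' or '<hex> *<name>'."""
    entries = {}
    for line in text.splitlines():
        if line.strip():
            digest, _, name = line.strip().partition(" ")
            entries[name.lstrip(" *")] = digest.lower()
    return entries

def md5_of(path):
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest()

def verify_tree(root, md5_text):
    """Map each listed file to OK / MISMATCH / MISSING against the listing."""
    results = {}
    for name, expected in parse_md5_file(md5_text).items():
        path = os.path.join(root, name)
        if not os.path.isfile(path):
            results[name] = "MISSING"
        else:
            results[name] = "OK" if md5_of(path) == expected else "MISMATCH"
    return results

def listing_matches_announcement(md5_text, announced):
    """Pin the listing to a digest that travelled by another route (announcement)."""
    return hashlib.md5(md5_text.encode("utf-8")).hexdigest() == announced

def demo():
    """Constructed: CRLF damage is caught by the shipped listing; a file swap
    with a regenerated listing is only caught by the out-of-band digest."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "bin"))
    path = os.path.join(root, "bin", "tool")
    original = b"#!/bin/sh\necho original\n"
    listing = "%s  bin/tool\n" % hashlib.md5(original).hexdigest()
    announced = hashlib.md5(listing.encode("utf-8")).hexdigest()
    with open(path, "wb") as f:  # case 1: CR/CRLF conversion in transit
        f.write(original.replace(b"\n", b"\r\n"))
    crlf = verify_tree(root, listing)["bin/tool"]
    with open(path, "wb") as f:  # case 2: replaced file plus regenerated listing
        f.write(b"#!/bin/sh\necho tampered\n")
    forged = "%s  bin/tool\n" % md5_of(path)
    swapped = verify_tree(root, forged)["bin/tool"]
    return crlf, swapped, listing_matches_announcement(forged, announced)
```

`demo()` returns `("MISMATCH", "OK", False)`: the shipped listing flags the line-ending damage but accepts the swapped file, and only the announcement digest exposes the regenerated listing.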
