[pmwiki-users] Increased recipe security without much hassle (Was: Infected Cookbook Recipes?)

Neil Herber (nospam) nospam at eton.ca
Wed Oct 8 23:30:08 CDT 2008

Ian MacGregor wrote:
> This message is in reference to:
> http://pmichaud.com/pipermail/pmwiki-users/2008-September/052378.html
> I've an idea about this.
> 1) Author generates an MD5 hash
> 2) Author uploads the recipe and adds a $RecipeName-hash page and links
> to it (ex. CookBook.MyRecipe would have a hash page of
> CookBook.MyRecipe-hash)
> 3) Author adds the hash to the $RecipeName-hash page and then password
> protects editing of that page, not the recipe page itself.
> This way the hash can't be changed by anyone except the author and we
> know where each hash page would be for each recipe - we know not to
> trust any hash we find on CookBook.MyRecipe-hash2 or
> CookBook.Myrecipe-Hash. Of course all recipe authors would need to agree
> on a single form of the hash page link. 

... snipped ...


I suggested that authors could post MD5s of their recipes on a site they 
controlled. If you trust the author, you would probably trust the MD5.

Even if you have a password-protected hash page on PmWiki.org, there is 
no guarantee that it has not been compromised.

For example, Malicious Individual (MI) sees a recipe with no MD5, 
uploads an infected recipe to replace it, creates an MD5, saves it to 
the hash page, and signs it as the original author.

As discussed by others here, the best way to ensure the provenance of 
recipes is for authors to digitally sign them with a public key. But 
some (most?, all?) authors probably see that as too big a burden for a 
marginal gain.

Neil Herber
Corporate info at http://www.eton.ca/

More information about the pmwiki-users mailing list