This repository was archived by the owner on Jul 16, 2020. It is now read-only.

Test pip security without and with TUF

Trishank Karthik Kuppusamy edited this page Sep 18, 2013 · 30 revisions
  1. Key revocation: we show how easy it is to revoke compromised keys with TUF. (You may sign packages manually with PGP, and keys could implicitly expire with time, but how would you explicitly and immediately revoke a compromised key?)
     - pip without TUF
     - pip with TUF
  2. PyPI compromise: how is pip affected when PyPI itself is compromised?
     - pip without TUF
     - pip with TUF
  3. Replay and freeze attacks: we serve pip stale or unchanging metadata so that it never sees updates.
     - pip without TUF
     - pip with TUF
  4. Arbitrary package attacks: we serve pip packages of dubious origin.
     - pip without TUF
     - pip with TUF
  5. Slow retrieval attacks: we trickle updates to pip. (This might allow an attacker to remotely exploit a vulnerability before the update that fixes it has finished downloading.)
     - pip without TUF
     - pip with TUF
  6. Endless data attacks: we serve endless data to pip. (This would allow an attacker to fill up the victim's hard drive.)
     - pip without TUF
     - pip with TUF

(All of these tests will be valid until Sep 1 2014 01:54:37 UTC, at which point all of the TUF metadata will expire.)
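The table above lists the attacks but not the client-side checks that separate "pip with TUF" from "pip without TUF". The following is an added example (not code from this wiki, from pip, or from the TUF reference implementation): a toy updater client that applies those checks and is exercised against constructed inputs modelling each attack. Everything in it is an assumption made for illustration: a keyed HMAC stands in for a public-key signature so it runs with the standard library only, the metadata layout is a simplified stand-in for TUF's signed roles, the package name, bytes and key IDs are made up, and chunk arrival times are simulated rather than measured.

```python
"""Added example, not TUF's or pip's own code. Models the checks a TUF-style
client applies (trusted-key set, signature, expiry, version, declared length
and hash, per-chunk deadline) and runs each attack from the wiki against it."""
import hashlib
import hmac
import json

# Constructed key set. In TUF the root role lists trusted key IDs; here that
# decision is the client's trusted_keyids set, and an HMAC with a shared secret
# stands in for a public-key signature (assumption, to stay stdlib-only).
KEYS = {"key-A": b"constructed-secret-A", "key-B": b"constructed-secret-B"}
TARGET = "pkg-1.0.tar.gz"                  # hypothetical package name
PKG = b"constructed package bytes"         # 25 constructed bytes


def canonical(meta):
    return json.dumps(meta, sort_keys=True).encode()


def sign(meta, keyid):
    sig = hmac.new(KEYS[keyid], canonical(meta), hashlib.sha256).hexdigest()
    return {"signed": meta, "keyid": keyid, "sig": sig}


def target_meta(version, expires, data=PKG):
    # Simplified stand-in for signed targets metadata: version, expiry and,
    # for each file, its expected length and SHA-256 digest.
    return {"version": version, "expires": expires,
            "targets": {TARGET: {"length": len(data),
                                 "sha256": hashlib.sha256(data).hexdigest()}}}


class UpdateError(Exception):
    pass


class Client:
    def __init__(self, trusted_keyids, now):
        self.trusted_keyids = set(trusted_keyids)
        self.version = 0       # highest metadata version accepted so far
        self.now = now         # callable returning current time in seconds

    def revoke(self, keyid):
        # Key revocation: once dropped, anything the key signs is rejected.
        self.trusted_keyids.discard(keyid)

    def verify_metadata(self, signed):
        keyid = signed["keyid"]
        if keyid not in self.trusted_keyids:
            raise UpdateError("signed by untrusted or revoked key " + keyid)
        expected = hmac.new(KEYS[keyid], canonical(signed["signed"]),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signed["sig"]):
            raise UpdateError("signature does not verify")
        meta = signed["signed"]
        if meta["expires"] <= self.now():           # freeze: withheld updates
            raise UpdateError("metadata expired (freeze attack)")
        if meta["version"] < self.version:          # replay: older metadata
            raise UpdateError("metadata version %d older than trusted %d "
                              "(replay attack)" % (meta["version"], self.version))
        self.version = meta["version"]
        return meta

    def fetch_target(self, meta, name, chunks, chunk_timeout=5.0):
        """chunks: iterable of (seconds since request start, data).
        Stops at the signed length (endless data), on a stalled stream
        (slow retrieval) and on a hash mismatch (arbitrary package)."""
        info = meta["targets"][name]
        received, last = b"", 0.0
        for t, data in chunks:
            if t - last > chunk_timeout:
                raise UpdateError("slow retrieval: %.1fs between chunks" % (t - last))
            last = t
            received += data
            if len(received) > info["length"]:
                raise UpdateError("endless data: exceeded declared length %d" % info["length"])
        if (len(received) != info["length"]
                or hashlib.sha256(received).hexdigest() != info["sha256"]):
            raise UpdateError("target %s does not match signed hash/length" % name)
        return received


def run_scenarios():
    """Return {scenario: None if accepted, else the client's rejection reason}."""
    NOW, results = 1000.0, {}

    def attempt(name, fn):
        try:
            fn()
            results[name] = None
        except UpdateError as e:
            results[name] = str(e)

    c = Client({"key-A", "key-B"}, lambda: NOW)
    good = sign(target_meta(2, NOW + 3600), "key-A")
    honest = [(0.5, PKG[:10]), (1.0, PKG[10:])]
    attempt("honest", lambda: c.fetch_target(c.verify_metadata(good), TARGET, honest))
    attempt("replay", lambda: c.verify_metadata(sign(target_meta(1, NOW + 3600), "key-A")))
    attempt("freeze", lambda: c.verify_metadata(sign(target_meta(3, NOW - 1), "key-A")))
    attempt("arbitrary package", lambda: c.fetch_target(
        c.verify_metadata(good), TARGET, [(0.5, b"x" * len(PKG))]))
    attempt("endless data", lambda: c.fetch_target(                 # unbounded stream
        c.verify_metadata(good), TARGET, ((i * 0.1, b"\0" * 8) for i in range(10 ** 9))))
    attempt("slow retrieval", lambda: c.fetch_target(
        c.verify_metadata(good), TARGET, [(0.5, PKG[:10]), (30.0, PKG[10:])]))
    c.revoke("key-A")                                                # key compromised
    attempt("revoked key", lambda: c.verify_metadata(sign(target_meta(3, NOW + 3600), "key-A")))
    attempt("rotated key", lambda: c.verify_metadata(sign(target_meta(3, NOW + 3600), "key-B")))
    return results


if __name__ == "__main__":
    for scenario, outcome in run_scenarios().items():
        print("%-18s %s" % (scenario, outcome or "accepted"))
```

The "pip without TUF" column of the table corresponds to a client with none of these checks: it would accept every scenario except, by luck, a transport error. Note that the endless-data stream is stopped by the signed length alone, and the slow-retrieval check needs a deadline per chunk rather than one per download, since an attacker who knows the total timeout can trickle just fast enough to stay under it.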
