[Distutils] Surviving a Compromise of PyPI - PEP 458 and 480

Nick Coghlan ncoghlan at gmail.com
Wed Dec 31 05:01:42 CET 2014

On 31 December 2014 at 12:32, Donald Stufft <donald at stufft.io> wrote:

> PyPI trusts the CDN to give it the correct bits, without a signature from
> the author that is being verified uploading just relies on TLS again. The
> other PEP should close that gap though I believe.

I'm actually not sure what going through the CDN is buying us on the upload
side of things in the first place, given the main pay-off provided by a CDN
is geographically distributed caching of unchanging data for faster

So it seems to me that that particular vulnerability could potentially be
fixed more simply by bypassing the CDN entirely for the upload case. That's
simplicity in the *conceptual* sense, though - there may be architectural
issues in the current implementation of PyPI and the related tools that
make it harder in practice than it would be in theory.

Either way, I agree that any kind of upload compromise based attack is also
out of scope for PEP 458 - that's now entirely about ensuring that the bits
delivered to end users are the same bits PyPI published. Making sure that
the bits *PyPI* publishes are the same ones that the *developer* published
is the domain of PEP 480.


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20141231/b467417e/attachment.html>

More information about the Distutils-SIG mailing list