diff options
| author | Bruno Haible <bruno@clisp.org> | 2010-08-10 01:56:36 +0100 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2010-08-15 01:02:44 +0100 |
| commit | 9e900e81dbb64c529a99abf6520d95245897cf84 (patch) | |
| tree | 5013cfde75539407aab679823e98e62681c724d6 | |
| parent | b5f9a6a176a32d73745fc61366c26f2c1ff9fca7 (diff) | |
| download | coreutils-9e900e81dbb64c529a99abf6520d95245897cf84.tar.xz | |
doc: improve the info on md5sum security weaknesses
* doc/coreutils.texi (md5sum invocation): Mention currently known
security problems. Don't recommend SHA-1 as alternative.
* man/md5sum.x (BUGS): Warn about the vulnerabilities and
reference the SHA-2 based alternatives.
Reported by Simon Josefsson
| -rw-r--r-- | doc/coreutils.texi | 14 | ||||
| -rw-r--r-- | man/md5sum.x | 4 |
2 files changed, 10 insertions, 8 deletions
diff --git a/doc/coreutils.texi b/doc/coreutils.texi index 66309b183..f6d85f7e4 100644 --- a/doc/coreutils.texi +++ b/doc/coreutils.texi @@ -3414,14 +3414,12 @@ options}. Note: The MD5 digest is more reliable than a simple CRC (provided by the @command{cksum} command) for detecting accidental file corruption, as the chances of accidentally having two files with identical MD5 -are vanishingly small. However, it should not be considered truly -secure against malicious tampering: although finding a file with a -given MD5 fingerprint, or modifying a file so as to retain its MD5 are -considered infeasible at the moment, it is known how to produce -different files with identical MD5 (a ``collision''), something which -can be a security issue in certain contexts. For more secure hashes, -consider using SHA-1 or SHA-2. @xref{sha1sum invocation}, and -@ref{sha2 utilities}. +are vanishingly small. However, it should not be considered secure +against malicious tampering: although finding a file with a given MD5 +fingerprint is considered infeasible at the moment, it is known how +to modify certain files, including digital certificates, so that they +appear valid when signed with an MD5 digest. +For more secure hashes, consider using SHA-2. @xref{sha2 utilities}. If a @var{file} is specified as @samp{-} or if no files are given @command{md5sum} computes the checksum for the standard input. diff --git a/man/md5sum.x b/man/md5sum.x index 4a6547781..93f93e272 100644 --- a/man/md5sum.x +++ b/man/md5sum.x @@ -2,3 +2,7 @@ md5sum \- compute and check MD5 message digest [DESCRIPTION] .\" Add any additional description here +[BUGS] +The MD5 algorithm should not be used any more for security related purposes. +Instead, better use an SHA\-2 algorithm, implemented in the programs +sha224sum(1), sha256sum(1), sha384sum(1), sha512sum(1) |