Thank you for your donation!


Moode Update Policy and resulting Security
#1
Hi Forum,

I want to discuss the update policy moode image is giving currently to the users.

(11-09-2021, 08:51 AM)the_bertrum Wrote:
(11-08-2021, 09:58 PM)TCr82 Wrote: How will the system be safe, when we can not update it?

Before I was running raudio on this pi and it was rock stable safe for all updates.... but I will test moode, maybe I can help to fix some things, that the system stays more stable.

One of the reasons we could be pretty sure your image was corrupt, is because moOde is built and tested with a specific set of components and specific versions.  If you upgrade bits, we don't know what has changed, and therefore can't be sure what's broken.

Remember, moOde is not a program running on RaspiOS, it is a system that uses components from RaspiOS.

And it stays safe by being inside your own network that you have secured.

We can't say it is safe, just because it is inside our own network. That`s really misleading!


This would mean, that we never need to update our browser, because he is running on our local machine in our own network? No!

What I want to say, it is easy to fix this problem - one example is on Debian Package Management is is possible to mark modified packages - so we can set them on hold.

The problem for a new user is, that he don't know what packages are related.

It makes it also possible to customize the image to our needs (maybe to add a missing service or whatever)


I really like to discuss this topic - hope it get not closed just like the other thread.

edit:

I started to read your install scripts and saw, what is the main problem. You mix all things together - external debs, local compiled binary's on extra paths and also overwrite binary's from the distribution. So it will be not just a easy apt-mark hold pkg, because you didn't follow the distribution way of package management. This looks not like a clean way and it results in the situation the project is. I understand that is easy for u to support this construct, when u just say, "pls reimage the sd card" - but at this point a user have maybe put a lot of effort in the setup.

I also see that you put a lot of effort in the setup script. On the other hand I have seen a lot of projects who manage a commensurable complexity - as an example yaVDR - the complete distribution comes from a deb repository and can be installed on top of a blank installation. On older versions they was working with a template system to setup the system-configuration. Nowadays they introduced a ansible playbook. There are also a lot of system components involved (kernel drivers, sound config and other system services, depending on what the user needs)

But in the end, the creators of moOde must see the need to improve this masterpiece to make it more stable and, above all, safer.

Thomas
Reply
#2
(11-09-2021, 06:58 PM)TCr82 Wrote: We can't say it is safe, just because it is inside our own network. That`s really misleading!
I didn't quite say that, I said inside your network which you have secured.  The safety comes from securing the perimeter properly.

(11-09-2021, 06:58 PM)TCr82 Wrote: This would mean, that we never need to update our browser, because he is running on our local machine in our own network? No!
That is a useless comparison.

(11-09-2021, 06:58 PM)TCr82 Wrote: What I want to say, it is easy to fix this problem - one example is on Debian Package Management is is possible to mark modified packages - so we can set them on hold.
But, marking packages as hold prevents them from updating, and so would leave any vulnerability unpatched, so you gain nothing.

(11-09-2021, 06:58 PM)TCr82 Wrote: I understand that is easy for u to support this construct, when u just say, "pls reimage the sd card" - but at this point a user have maybe put a lot of effort in the setup.
There is a fine settings backup utility in moOde that takes this issue away.

(11-09-2021, 06:58 PM)TCr82 Wrote: But in the end, the creators of moOde must see the need to improve this masterpiece to make it more stable and, above all, safer.

Thomas

You seem to have a lot of knowledge in this area, I'm sure that if you applied some of that to resolving the issues you see and submitting a pull request the repository your efforts would be welcomed.  This is proper Open Source after all, anyone can contribute.
Reply


Forum Jump: