Gentoo Archives: gentoo-dev

From: "W. Trevor King" <wking@×××××××.us>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing
Date: Fri, 08 Jun 2012 11:05:07
Message-Id: 20120608110155.GA15249@odin.tremily.us
In Reply to: Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing by Rich Freeman
On Mon, Jun 04, 2012 at 04:57:42PM -0400, Rich Freeman wrote:
> 2. Hacker commits something to the tree. Top of tree is not signed.
> No need for preimage attacks or whatever on sha1 - they just log into
> the server and do a git commit or whatever right into the tree.
> 3. Gentoo dev commits a bunch of stuff to the tree. Top of tree is signed.

When the breach is discovered, you can then isolate the dev (or devs) who implicitly signed the hack (2) by pulling the ToT without checking for a valid signature (3). Then you yell at them for sloppy security, and tell them to install your signature-checking post-receive hook.

Trevor

--
This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
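As an added example (not from the message above, and not Gentoo's own hook), here is a POSIX sh hook fragment for the check the thread is discussing. The point of scenario (2)/(3) is that a good signature on the top of tree says nothing about the commits underneath it, so the hook verifies every commit in the pushed range rather than only the tip. It relies on git's `%G?` log placeholder (G = good signature, U = good but key not trusted, B = bad, N = unsigned, E/X/Y/R = error, expired or revoked); the policy of accepting only `G` and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the original poster's hook: refuse any pushed commit
# that does not carry a good signature from a trusted key.

# check_signature_lines: reads "<sha> <G?-status>" lines on stdin, reports
# every commit whose status is not G on stderr, returns 1 if any were found.
# Assumed policy: only G (good, trusted key) passes; add "U)" next to "G)"
# if you want to accept good signatures from keys you have not yet trusted.
check_signature_lines() {
    bad=0
    while read -r sha status; do
        [ -z "$sha" ] && continue
        case "$status" in
            G) ;;   # good signature, trusted key: fine
            *) echo "rejecting $sha: signature status '$status'" >&2; bad=1 ;;
        esac
    done
    return $bad
}

# check_ref_update OLD NEW: list every commit the update introduces and run
# it through check_signature_lines. A branch creation has an all-zero OLD,
# in which case everything reachable from NEW is checked.
check_ref_update() {
    old=$1
    new=$2
    if [ "$old" = "0000000000000000000000000000000000000000" ]; then
        range=$new
    else
        range="$old..$new"
    fi
    git log --format='%H %G?' "$range" | check_signature_lines
}

# When installed as .git/hooks/pre-receive, git feeds "<old> <new> <ref>"
# lines on stdin; any rejected commit fails the whole push.
if [ "${0##*/}" = "pre-receive" ]; then
    while read -r old new ref; do
        check_ref_update "$old" "$new" || exit 1
    done
fi
```

Installed as a pre-receive hook on the server this stops unsigned commits from ever landing; the same two functions can be called from a post-receive or post-merge hook on a dev's checkout, which is the "tell them to install it" case in the message, to flag the unsigned commits they would otherwise be signing over.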

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing Rich Freeman <rich0@g.o>