Gentoo Archives: gentoo-dev

From: Rich Freeman <rich0@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing
Date: Mon, 04 Jun 2012 20:59:06
Message-Id: CAGfcS_mx0KkXk+p9GU5wLe-z=wnUYxatqjmtuL5Y4nncyeA5AA@mail.gmail.com
In Reply to: Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing by Brian Harring
On Mon, Jun 4, 2012 at 4:41 PM, Brian Harring <ferringb@×××××.com> wrote:
> > If that doesn't answer your question/concerns, be more explicit
> > please.

How about a scenario:

1. Gentoo dev commits a bunch of stuff to the tree. Top of tree is signed.
2. Hacker commits something to the tree. Top of tree is not signed. No need for preimage attacks or whatever on sha1 - they just log into the server and do a git commit or whatever right into the tree.
3. Gentoo dev commits a bunch of stuff to the tree. Top of tree is signed.
4. Rsync mirror update happens - top of tree is signed, so update proceeds normally.

If you go back and look at the tree you see a bunch of signed and unsigned commits. How do you easily detect how the unsigned ones got there (via a dev with a merge commit, or via other means)? Either way they'll be parents of merge commits - since merge commits have two parents - the pre-commit gentoo-x86 tree, and the incoming commits.

Andreas - I'm pretty sure a merge commit still includes a tree.

Rich
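The distinction Rich asks about (unsigned commits brought in by a dev's signed merge versus unsigned commits written straight into the server repository) can be made mechanically from the commit graph. The script below is an added example, not code from this thread or from Gentoo's infrastructure. It consumes lines in the shape of the real git command `git log --format='%H %P %G?' <tip>` (hash, parent hashes, signature-status letter; `G` is a good signature by a trusted key, `N` is no signature, other letters mean a signature that should not be trusted, and only `G` counts as signed here, which is this example's choice). Its rule: walk the first-parent chain from the tip; an unsigned commit on that chain had nobody vouch for it, which is what step 2 of the scenario produces, while an unsigned commit reachable only through a side parent of a signed merge was vouched for by whoever signed the merge. The two sample logs, their fake hashes and the function names are constructed for illustration.

```python
"""Classify unsigned commits in a git history by how they reached the mainline.

Added example, not code from the thread or from Gentoo's infrastructure.
Input lines have the shape produced by the real git command
    git log --format='%H %P %G?' <tip>
i.e. commit hash, zero or more parent hashes, then the signature status
letter (%G?: 'G' = good signature by a trusted key, 'N' = no signature,
other letters = a signature that is present but not trustworthy).  Only 'G'
is accepted as "signed" here; that strictness is this example's choice.
The sample logs below are constructed for illustration; hashes are fake.
"""
from collections import namedtuple

Commit = namedtuple("Commit", "hash parents sig")

# Rich's scenario: an attacker commits straight into the server repo (bad0001),
# then a dev commits a signed change on top, so the top of tree is signed.
DIRECT_COMMIT_LOG = """\
c000003 c000002 G
c000002 bad0001 G
bad0001 c000001 N
c000001 c000000 G
c000000 G
"""

# A dev merges an unsigned side branch (s000001, s000002) with a signed
# merge commit (c000002) whose first parent is the previous mainline tip.
SIGNED_MERGE_LOG = """\
c000003 c000002 G
c000002 c000001 s000002 G
s000002 s000001 N
s000001 c000000 N
c000001 c000000 G
c000000 G
"""


def parse_log(text):
    """Return {hash: Commit} from '%H %P %G?' lines (a root commit has no parents)."""
    commits = {}
    for line in text.strip().splitlines():
        fields = line.split()
        commits[fields[0]] = Commit(fields[0], fields[1:-1], fields[-1])
    return commits


def first_parent_chain(commits, tip):
    """Hashes on the mainline: follow parents[0] from tip down to the root."""
    chain = []
    h = tip
    while h in commits:
        chain.append(h)
        parents = commits[h].parents
        h = parents[0] if parents else None
    return chain


def classify_unsigned(commits, tip):
    """Map each unsigned commit reachable from tip to how it got there.

    - on the first-parent chain: nobody vouched for it with a signature, which
      is exactly what a commit written directly into the server repo looks like;
    - reachable only via a side parent of a signed merge: the merge's signer
      vouched for it (it may still be bad, but there is an accountable dev).
    """
    verdicts = {}
    mainline = first_parent_chain(commits, tip)
    on_main = set(mainline)
    for h in mainline:
        c = commits[h]
        if c.sig != "G":
            verdicts[h] = "unsigned on mainline; not introduced by any signed merge"
            continue
        # Signed commit: walk its side parents (the "incoming" branch of a
        # merge) until the walk reaches the mainline again.
        stack = list(c.parents[1:])
        seen = set()
        while stack:
            s = stack.pop()
            if s in on_main or s in seen or s not in commits:
                continue
            seen.add(s)
            if commits[s].sig != "G":
                verdicts[s] = "unsigned, merged by signed commit " + h
            stack.extend(commits[s].parents)
    return verdicts


def mainline_is_signed(commits, tip):
    """Gate for a mirror update: every first-parent ancestor of tip must be signed.
    Checking only the tip (step 4 in the scenario) misses the direct-commit case."""
    return all(commits[h].sig == "G" for h in first_parent_chain(commits, tip))


if __name__ == "__main__":
    for name, log in (("direct commit", DIRECT_COMMIT_LOG),
                      ("signed merge", SIGNED_MERGE_LOG)):
        commits = parse_log(log)
        print(name, "-> mirror update allowed:", mainline_is_signed(commits, "c000003"))
        for h, why in sorted(classify_unsigned(commits, "c000003").items()):
            print("  ", h, why)
```

Two caveats a practitioner would add. First, `%G?` only reports `G` when the signing key is in the verifier's keyring, so the check is only as strong as the keyring the mirror verifies against. Second, an attacker who can write objects on the server can usually also move refs, so the walk has to start from a tip the verifier already trusts (for instance the last tip it mirrored) and confirm the new tip descends from it along a fully signed first-parent chain, rather than trusting whatever the server currently points at.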

Replies

Subject Author
Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing "Michał Górny" <mgorny@g.o>
Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing "W. Trevor King" <wking@×××××××.us>