| 1 |
On Sun, Jul 8, 2018 at 9:02 AM Kristian Fiskerstrand <k_f@g.o> wrote: |
| 2 |
> |
| 3 |
> On 07/08/2018 08:53 AM, Michał Górny wrote: |
| 4 |
> > Is safe git syncing implemented already? If not, maybe finish it first and cover both with a single news item. Git is going to be more efficient here, so people may want to learn they have an alternative. |
| 5 |
> |
| 6 |
> Why complicate things, and increase wait for something that benefits |
| 7 |
> most users, just to give alternatives to a few using non-default sync |
| 8 |
> mechanism. Securing git distribution is a whole different ballpark. |
| 9 |
> |
| 10 |
|
| 11 |
I'll agree that it is different, but we're talking about verification |
| 12 |
of the HEAD signature by infra, not verification of individual |
| 13 |
developer keys, which was the topic of the recent thread. |
| 14 |
|
| 15 |
Verification is already built-into portage for git syncing (but off by |
| 16 |
default). The problem is that portage will still checkout the tree if |
| 17 |
it fails verification. The patch is to do the verification before |
| 18 |
checking it out so that if it fails the tree is left in a |
| 19 |
last-known-good state (at least as seen by tools at the filesystem |
| 20 |
level - the fetched bad commits would still be visible to git). |
| 21 |
|
| 22 |
-- |
| 23 |
Rich |
Archives