Archives
Archives
| From: | Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> | ||
|---|---|---|---|
| To: | gentoo-dev@l.g.o | ||
| Subject: | Re: [gentoo-dev] git security (SHA-1) | ||
| Date: | Wed, 17 Sep 2014 11:36:27 | ||
| Message-Id: | 20140917123616.698dc947@googlemail.com | ||
| In Reply to: | Re: [gentoo-dev] git security (SHA-1) by Tim Boudreau |
||
| 1 | On Wed, 17 Sep 2014 07:21:08 -0400 |
| 2 | Tim Boudreau <niftiness@×××××.com> wrote: |
| 3 | > If someone wants to commit malicious code into Gentoo, they're far |
| 4 | > more likely to take the ugly but pragmatic approach of, say, forcing |
| 5 | > someone to commit malicious code at gunpoint and then shooting them, |
| 6 | > than to go to the vast effort it would take to come up with malicious |
| 7 | > code that conveniently has the same SHA-1 hash as an existing commit. |
| 8 | |
| 9 | ...or getting themselves recruited. Even easier. |
| 10 | |
| 11 | -- |
| 12 | Ciaran McCreesh |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |
| Subject | Author |
|---|---|
| Re: [gentoo-dev] git security (SHA-1) | "Michał Górny" <mgorny@g.o> |
| [gentoo-dev] Re: git security (SHA-1) | Duncan <1i5t5.duncan@×××.net> |