From: | Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> | ||
---|---|---|---|
To: | gentoo-dev@l.g.o | ||
Subject: | Re: [gentoo-dev] git security (SHA-1) | ||
Date: | Wed, 17 Sep 2014 11:36:27 | ||
Message-Id: | 20140917123616.698dc947@googlemail.com | ||
In Reply to: | Re: [gentoo-dev] git security (SHA-1) by Tim Boudreau |
1 | On Wed, 17 Sep 2014 07:21:08 -0400 |
2 | Tim Boudreau <niftiness@×××××.com> wrote: |
3 | > If someone wants to commit malicious code into Gentoo, they're far |
4 | > more likely to take the ugly but pragmatic approach of, say, forcing |
5 | > someone to commit malicious code at gunpoint and then shooting them, |
6 | > than to go to the vast effort it would take to come up with malicious |
7 | > code that conveniently has the same SHA-1 hash as an existing commit. |
8 | |
9 | ...or getting themselves recruited. Even easier. |
10 | |
11 | -- |
12 | Ciaran McCreesh |
File name | MIME type |
---|---|
signature.asc | application/pgp-signature |
Subject | Author |
---|---|
Re: [gentoo-dev] git security (SHA-1) | "Michał Górny" <mgorny@g.o> |
[gentoo-dev] Re: git security (SHA-1) | Duncan <1i5t5.duncan@×××.net> |