| 1 |
Dnia 2014-09-21, o godz. 09:54:06 |
| 2 |
Ulrich Mueller <ulm@g.o> napisał(a): |
| 3 |
|
| 4 |
> >>>>> On Sun, 21 Sep 2014, Michał Górny wrote: |
| 5 |
> |
| 6 |
> > Rich Freeman <rich0@g.o> napisał(a): |
| 7 |
> >> Ulrich is well-aware of that. His argument is that with cvs there |
| 8 |
> >> is no security whatsoever in the scm, and so there is more interest |
| 9 |
> >> in layering security on-top. With git there is more of a tendency |
| 10 |
> >> to rely on the less-than-robust commit signing system. |
| 11 |
> >> |
| 12 |
> >> We could always just keep full manifests in the tree and be no |
| 13 |
> >> worse off than with cvs. |
| 14 |
> |
| 15 |
> > And we would be no better off than with CVS. We'd have huge |
| 16 |
> > repository with a lot of redundant space-eating data and the |
| 17 |
> > impossibility of sane merges or rebases. |
| 18 |
> |
| 19 |
> Not necessarily. As long as you keep write access to the repository |
| 20 |
> secure, you don't need anything special there. However, it's a |
| 21 |
> different story when the tree is distributed via a mirror system that |
| 22 |
> is not entirely under our control. |
| 23 |
> |
| 24 |
> Full manifests could be generated automatically (and signed with an |
| 25 |
> infra key) when copying the tree from the repository to the master |
| 26 |
> mirror. |
| 27 |
|
| 28 |
Do you really consider keeping a key open for machine signing somewhat |
| 29 |
secure? |
| 30 |
|
| 31 |
-- |
| 32 |
Best regards, |
| 33 |
Michał Górny |
Archives