From: Tommi Virtanen <tv@eagain.net>
To: "Stephen R. van den Berg" <srb@cuci.nl>
Cc: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>,
Florian Weimer <fw@deneb.enyo.de>,
git@vger.kernel.org
Subject: Re: is gitosis secure?
Date: Wed, 4 Feb 2009 10:26:50 -0800 [thread overview]
Message-ID: <20090204182650.GC1970@eagain.net> (raw)
In-Reply-To: <20090204121204.GA12393@cuci.nl>
On Wed, Feb 04, 2009 at 01:12:04PM +0100, Stephen R. van den Berg wrote:
> I installed gitosis a year ago.
> Then I tried to audit the code.
> I couldn't, the whole thing is too much spaghetti code.
Huh. It's about 1000 lines of python, with about 2000 lines of unit
tests. It has 3 top-level operations: init, serve, run_hook. That
still counts as "tiny" in my mind. I'm sorry if following the code was
too hard. I guess there's no accounting for taste.
> Auditing gitosis turned out to be too painful to be worth the trouble,
> so I reverted to a manually maintained git-shell solution which is so
> simple that I can actually audit it, and therefore is provably secure
> (which gitosis is not).
This word, "provably", tends to mean something else than what you use
it for. Definitely a simple audit doesn't prove anything. Most
real-world software is complex enough to be practically unprovable for
anything.
--
:(){ :|:&};:
next prev parent reply other threads:[~2009-02-04 18:28 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-09 8:56 is gitosis secure? Thomas Koch
2008-12-09 9:04 ` Sam Vilain
2009-01-18 11:48 ` Florian Weimer
2009-01-18 12:50 ` Boyd Stephen Smith Jr.
2009-01-18 13:25 ` Florian Weimer
2009-01-18 14:19 ` Boyd Stephen Smith Jr.
2009-02-03 21:31 ` Tommi Virtanen
2009-02-04 12:12 ` Stephen R. van den Berg
2009-02-04 18:26 ` Tommi Virtanen [this message]
2009-02-05 7:52 ` Stephen R. van den Berg
2009-02-05 8:04 ` Tommi Virtanen
2008-12-09 9:07 ` R. Tyler Ballance
2009-02-03 21:41 ` Tommi Virtanen
2008-12-09 9:38 ` Sverre Rabbelier
2008-12-13 16:23 ` Nix
2008-12-13 18:07 ` Sverre Rabbelier
2008-12-14 2:26 ` Sitaram Chamarty
2008-12-14 5:40 ` david
2008-12-14 9:42 ` martin
2008-12-14 11:25 ` david
2008-12-14 10:51 ` Jakub Narebski
2008-12-15 0:54 ` david
2008-12-14 11:02 ` martin
2008-12-15 1:00 ` david
2008-12-15 7:17 ` Mike Hommey
2008-12-15 8:25 ` david
2008-12-15 8:35 ` Mike Hommey
2008-12-15 21:28 ` Tait
2008-12-14 11:42 ` Sitaram Chamarty
2008-12-15 1:20 ` david
2008-12-14 10:40 ` Jakub Narebski
2008-12-15 0:50 ` david
2008-12-15 7:20 ` Rogan Dawes
2008-12-15 8:37 ` david
2008-12-15 7:52 ` Rogan Dawes
2008-12-14 10:47 ` Jakub Narebski
2008-12-15 0:14 ` Nix
2008-12-15 1:29 ` david
2008-12-15 5:24 ` Asheesh Laroia
2008-12-15 6:32 ` david
2008-12-09 19:18 ` Garry Dolley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090204182650.GC1970@eagain.net \
--to=tv@eagain.net \
--cc=bss@iguanasuicide.net \
--cc=fw@deneb.enyo.de \
--cc=git@vger.kernel.org \
--cc=srb@cuci.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).