From: Ingo Molnar <mingo@elte.hu>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Junio C Hamano <gitster@pobox.com>,
"H. Peter Anvin" <hpa@zytor.com>,
git@vger.kernel.org,
James Bottomley <James.Bottomley@hansenpartnership.com>,
Jeff Garzik <jeff@garzik.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-ide@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [git patches] libata updates, GPG signed (but see admin notes)
Date: Wed, 2 Nov 2011 10:11:26 +0100
Message-ID: <20111102091126.GG18903@elte.hu>
In-Reply-To: <CA+55aFyKWLUMQFfaeKJKGFPV_7kfOGjf+pSZ1Y8afzkT4OYQ9Q@mail.gmail.com>

* Linus Torvalds <torvalds@linux-foundation.org> wrote:

> And the receiving side would just do the "git pull" and
> automatically just get notified that "Yes, this push has been
> signed by key Xyz Abcdef"

If this approach is used then it would be nice to have a .gitconfig
switch to require trusted pulls by default: to not allow doing
non-signed or untrusted pulls accidentally, or for Git to warn in a
visible, hard to miss way if there's a non-signed pull.

This adds social uncertainty (and an element of a silent alarm) to a
realistic attack: the attacker wouldn't know exactly how the puller
checks signed pull requests, it's kept private.

Thanks,

Ingo
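
One way a puller could enforce the default-deny behaviour proposed above, as an added example that is not part of the original message and is not Git's own code. It reads the GnuPG status lines that `git verify-commit --raw` prints on stderr; the function names, the allow-list file and the sample fingerprints are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: default-deny signature policy for a pulled commit.
# stdin: GnuPG status lines, e.g. from
#   git verify-commit --raw FETCH_HEAD 2>&1 | check_pull_signature FILE
# $1:    hypothetical private allow-list, one key fingerprint per line.
# Returns 0 only for a valid signature made by an allow-listed key.
check_pull_signature() {
    allowlist=$1 fpr="" bad=0
    while IFS= read -r line; do
        case $line in
            "[GNUPG:] VALIDSIG "*)
                # First field after the keyword is the signing key fingerprint.
                rest=${line#"[GNUPG:] VALIDSIG "}
                fpr=${rest%% *} ;;
            "[GNUPG:] BADSIG "*|"[GNUPG:] ERRSIG "*|"[GNUPG:] EXPSIG "*)
                bad=1 ;;
            "[GNUPG:] EXPKEYSIG "*|"[GNUPG:] REVKEYSIG "*)
                bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ] || return 1   # broken, expired or revoked: refuse
    [ -n "$fpr" ] || return 1      # unsigned or unverifiable: refuse
    grep -qxF -- "$fpr" "$allowlist"   # whole-line match against the list
}

# Constructed sample data: these fingerprints and status lines are made up.
TRUSTED_FPR=1111222233334444555566667777888899990000
OTHER_FPR=AAAABBBBCCCCDDDDEEEEFFFF0000111122223333
status_for() {   # status output of a good signature by key $1
    printf '%s\n' "[GNUPG:] NEWSIG" \
        "[GNUPG:] GOODSIG $1 Example Maintainer <maintainer@example.org>" \
        "[GNUPG:] VALIDSIG $1 2011-11-02 1320225086 0 4 0 1 2 00 $1"
}

verdict() { if check_pull_signature "$1"; then echo accept; else echo refuse; fi; }

demo() {
    list=$(mktemp) || return 1
    printf '%s\n' "$TRUSTED_FPR" > "$list"
    status_for "$TRUSTED_FPR" | verdict "$list"   # accept
    status_for "$OTHER_FPR" | verdict "$list"     # refuse: key not on the list
    printf '' | verdict "$list"                   # refuse: no signature at all
    rm -f "$list"
}
demo
```

Because the allow-list lives only on the puller's machine, a pull signed by an unexpected key is refused in the same way as an unsigned one.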