From: Avery Pennarun <apenwarr@gmail.com>
To: walt <w41ter@gmail.com>
Cc: git@vger.kernel.org
Subject: Re: Question about scm security holes
Date: Thu, 4 Mar 2010 21:03:08 -0500 [thread overview]
Message-ID: <32541b131003041803q9abf6baq4cf9ffcca990b51c@mail.gmail.com> (raw)
In-Reply-To: <hmp427$d6h$1@dough.gmane.org>
On Thu, Mar 4, 2010 at 3:09 PM, walt <w41ter@gmail.com> wrote:
> I can't tell from the article if Perforce is any worse than any other scm
> for security holes, in fact it seems to imply that others haven't been tested in
> the same way.
>
> Just curious if anyone here has any thoughts about how the article may or
> may not have any relevance for git (git being the scm I use most, by far, which
> is the reason I'm interested).
The attack was uninteresting. The paper seems to go on and on about
different ways that an attacker can steal source code by accessing a
poorly-secured SCM server. This discussion is kind of moot for git,
where every single developer workstation has a complete copy of the
entire project history anyway.
An attack in which someone untraceably modified the repo to contain
modified code would be a little more interesting. git makes this sort
of thing pretty much impossible to do without it being *noticeable* at
least. Traceable, not so much, because you can create a commit with
whatever committer/author names you want and then push them in.
Commits aren't GPG-signed, only tags are, so there are lots of ways to
forge a commit from someone else and mess up the audit log. At least
you can't edit old commits without people noticing, though.
Have fun,
Avery
next prev parent reply other threads:[~2010-03-05 2:03 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-04 20:09 Question about scm security holes walt
2010-03-05 2:03 ` Avery Pennarun [this message]
2010-03-05 3:00 ` John Tapsell
2010-03-05 3:19 ` Avery Pennarun
2010-03-05 4:07 ` John Tapsell
2010-03-05 3:20 ` walt
2010-03-05 3:28 ` Avery Pennarun
2010-03-05 7:36 ` Andreas Krey
2010-03-05 9:25 ` Johannes Schindelin
2010-03-05 10:49 ` Jakub Narebski
2010-03-05 18:22 ` Avery Pennarun
2010-03-05 22:33 ` Johannes Schindelin
2010-03-05 17:47 ` Daniel Barkalow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=32541b131003041803q9abf6baq4cf9ffcca990b51c@mail.gmail.com \
--to=apenwarr@gmail.com \
--cc=git@vger.kernel.org \
--cc=w41ter@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).