From: Linus Torvalds <torvalds@linux-foundation.org>
To: Junio C Hamano <junkio@cox.net>
Cc: Johannes Sixt <J.Sixt@eudaptics.com>, git@vger.kernel.org
Subject: Re: grafts+repack+prune = history at danger
Date: Fri, 26 Jan 2007 07:55:49 -0800 (PST) [thread overview]
Message-ID: <Pine.LNX.4.64.0701260747110.25027@woody.linux-foundation.org> (raw)
In-Reply-To: <7vr6ti183o.fsf@assigned-by-dhcp.cox.net>
On Fri, 26 Jan 2007, Junio C Hamano wrote:
>
> One thing you could do is to take the local-ness of grafts more
> literally and enforce it more strictly by dropping grafts while
> fetch-pack and receive-pack exchange common objects and spawn
> pack-objects to come up with objects needed to be sent. But
> because we currently punt, we do not even do that.
One option might be:
- add a global flag (like the current "save_commit_buffer") that commands
can set to specify whether they want to honor grafts or not.
The "please_follow_grafts" flag defaults to 1.
- "git send-pack" would explicitly set it to zero, and thus we'd always
send a non-grafted result.
- "git prune" would *also* explicitly set it to zero, but would also
manually look at the grafts file, and mark anything that is set in the
grafts file as being reachable (the same way it does for index entries
etc).
It might also be an option to then do:
- "git repack" should probably also set it to zero - I think we might be
better off packing any grafted data separately.
The alternative, of course, is to try to transfer the grafts file for
clones and fetches, but that is likely to be a *bad* idea. It's even a
potential security issue: grafts can literally be used to short-circuit
some of the inherent safety in git, in that an attacker can make a graft
that makes history *look* fine, but hide part of it (you can't "really"
hide history, but you can make normal git operations like "git log"
basically ignore it by judicious use of grafts).
Linus
next prev parent reply other threads:[~2007-01-26 15:56 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-25 17:17 grafts+repack+prune = history at danger Johannes Sixt
2007-01-25 23:07 ` Junio C Hamano
2007-01-26 8:13 ` Johannes Sixt
2007-01-26 8:54 ` Junio C Hamano
2007-01-26 9:21 ` Johannes Sixt
2007-01-26 9:31 ` Junio C Hamano
2007-01-26 9:48 ` Johannes Sixt
2007-01-26 10:15 ` Junio C Hamano
2007-01-26 10:41 ` Johannes Sixt
2007-01-26 11:29 ` Junio C Hamano
2007-01-26 13:08 ` Jakub Narebski
2007-01-26 15:55 ` Linus Torvalds [this message]
2007-01-26 23:46 ` Junio C Hamano
2007-01-27 0:56 ` Linus Torvalds
2007-01-26 9:15 ` Mark Wooding
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.64.0701260747110.25027@woody.linux-foundation.org \
--to=torvalds@linux-foundation.org \
--cc=J.Sixt@eudaptics.com \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).