From: ebiederm@xmission.com (Eric W. Biederman)
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@osdl.org>,
Daniel Barkalow <barkalow@iabervon.org>,
Git Mailing List <git@vger.kernel.org>,
Junio C Hamano <junkio@cox.net>,
ftpadmin@kernel.org
Subject: Re: Tags
Date: Fri, 01 Jul 2005 16:38:02 -0600 [thread overview]
Message-ID: <m1u0jef8z9.fsf@ebiederm.dsl.xmission.com> (raw)
In-Reply-To: <42C5714A.1020203@zytor.com> (H. Peter Anvin's message of "Fri, 01 Jul 2005 09:37:30 -0700")
"H. Peter Anvin" <hpa@zytor.com> writes:
> Eric W. Biederman wrote:
>> "H. Peter Anvin" <hpa@zytor.com> writes:
>>
> Unless you have an authentication mechanism and *enforce* it (you can do that
> with GPG signatures if *and only if* your disambiguation includes your GPG
> signature fingerprint) you still have a problem with someone introducing fake
> tags as a DoS attack.
There is a question of how bad is this. For releases you certainly
need some kind of signature that people can verify and we
already have that but I think we can keep spoofing tags
down to the same level as spoofing patches.
Basically all this takes is to make your global namespace
the committer email address and you have the rule that
you can only tag your own commits. Then when you merge
tags you never automatically add tags to your own tag namespace.
I think that is enough to make global tags usable in practice.
And for those who are typing challenged if all you ever
look at are your own tags the you should never need to
specify a fully qualified tag name as git should be able
to find the committer email address through other means.
Eric
next prev parent reply other threads:[~2005-07-01 22:31 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-30 17:54 "git-send-pack" Linus Torvalds
2005-06-30 18:24 ` "git-send-pack" A Large Angry SCM
2005-06-30 18:27 ` "git-send-pack" A Large Angry SCM
2005-06-30 19:04 ` "git-send-pack" Linus Torvalds
2005-06-30 18:45 ` "git-send-pack" Jan Harkes
2005-06-30 19:01 ` "git-send-pack" Mike Taht
2005-06-30 19:42 ` "git-send-pack" Linus Torvalds
2005-07-01 9:50 ` "git-send-pack" Matthias Urlichs
2005-06-30 19:44 ` "git-send-pack" Linus Torvalds
2005-06-30 20:38 ` "git-send-pack" Junio C Hamano
2005-06-30 21:05 ` "git-send-pack" Daniel Barkalow
2005-06-30 21:29 ` "git-send-pack" Linus Torvalds
2005-06-30 21:55 ` "git-send-pack" H. Peter Anvin
2005-06-30 22:26 ` "git-send-pack" Linus Torvalds
2005-06-30 23:40 ` "git-send-pack" H. Peter Anvin
2005-07-01 0:02 ` "git-send-pack" Linus Torvalds
2005-07-01 1:24 ` "git-send-pack" H. Peter Anvin
2005-07-01 23:44 ` "git-send-pack" Mike Taht
2005-07-02 0:07 ` "git-send-pack" H. Peter Anvin
2005-07-02 1:56 ` "git-send-pack" Linus Torvalds
2005-07-02 4:08 ` "git-send-pack" H. Peter Anvin
2005-07-02 4:22 ` "git-send-pack" Linus Torvalds
2005-07-02 4:29 ` "git-send-pack" H. Peter Anvin
2005-07-02 17:16 ` "git-send-pack" Linus Torvalds
2005-07-02 17:37 ` "git-send-pack" H. Peter Anvin
2005-07-02 17:44 ` "git-send-pack" Tony Luck
2005-07-02 17:48 ` "git-send-pack" H. Peter Anvin
2005-07-02 18:12 ` "git-send-pack" A Large Angry SCM
2005-06-30 22:25 ` "git-send-pack" Daniel Barkalow
2005-06-30 23:56 ` "git-send-pack" Linus Torvalds
2005-07-01 5:01 ` "git-send-pack" Daniel Barkalow
2005-06-30 21:08 ` "git-send-pack" Linus Torvalds
2005-06-30 21:10 ` "git-send-pack" Dan Holmsand
2005-06-30 19:49 ` "git-send-pack" Daniel Barkalow
2005-06-30 20:12 ` "git-send-pack" Linus Torvalds
2005-06-30 20:23 ` "git-send-pack" H. Peter Anvin
2005-06-30 20:52 ` "git-send-pack" Linus Torvalds
2005-06-30 21:23 ` "git-send-pack" H. Peter Anvin
2005-06-30 21:26 ` "git-send-pack" H. Peter Anvin
2005-06-30 21:42 ` "git-send-pack" Linus Torvalds
2005-06-30 22:00 ` "git-send-pack" H. Peter Anvin
2005-07-01 10:31 ` "git-send-pack" Matthias Urlichs
2005-07-01 14:43 ` "git-send-pack" Jan Harkes
2005-07-01 13:56 ` Tags Eric W. Biederman
2005-07-01 16:37 ` Tags H. Peter Anvin
2005-07-01 22:38 ` Eric W. Biederman [this message]
2005-07-01 22:44 ` Tags H. Peter Anvin
2005-07-01 23:07 ` Tags Eric W. Biederman
2005-07-01 23:22 ` Tags Daniel Barkalow
2005-07-02 0:06 ` Tags H. Peter Anvin
2005-07-02 7:00 ` Tags Eric W. Biederman
2005-07-02 17:47 ` Tags H. Peter Anvin
2005-07-02 17:54 ` Tags Eric W. Biederman
2005-07-02 17:58 ` Tags H. Peter Anvin
2005-07-02 18:31 ` Tags Eric W. Biederman
2005-07-02 19:55 ` Tags Matthias Urlichs
2005-07-02 21:16 ` Tags H. Peter Anvin
2005-07-02 21:39 ` Tags Linus Torvalds
2005-07-02 21:42 ` Tags H. Peter Anvin
2005-07-02 22:02 ` Tags A Large Angry SCM
2005-07-02 22:20 ` Tags Linus Torvalds
2005-07-02 23:49 ` Tags A Large Angry SCM
2005-07-03 0:17 ` Tags Linus Torvalds
2005-07-02 22:14 ` Tags Petr Baudis
2005-07-02 22:17 ` Tags Linus Torvalds
2005-07-03 0:04 ` Tags Dan Holmsand
2005-07-03 22:34 ` Tags Kevin Smith
2005-07-05 13:04 ` Tags Eric W. Biederman
2005-07-05 16:21 ` Tags Daniel Barkalow
2005-07-05 17:51 ` Tags Eric W. Biederman
2005-07-05 18:33 ` Tags Linus Torvalds
2005-07-05 19:22 ` Tags Junio C Hamano
2005-07-06 18:04 ` Tags Matthias Urlichs
2005-07-07 3:31 ` Tags Eric W. Biederman
2005-07-02 18:45 ` Tags Linus Torvalds
2005-07-02 20:38 ` Tags Jan Harkes
2005-07-02 22:32 ` Tags Jan Harkes
2005-07-02 16:00 ` Tags Matthias Urlichs
2005-07-01 18:09 ` Tags Petr Baudis
2005-07-01 18:37 ` Tags H. Peter Anvin
2005-07-01 21:20 ` Tags Matthias Urlichs
2005-07-01 21:42 ` Tags Petr Baudis
2005-07-01 21:52 ` Tags H. Peter Anvin
2005-07-01 22:27 ` Tags Daniel Barkalow
2005-07-01 22:59 ` Tags Petr Baudis
2005-06-30 20:49 ` "git-send-pack" Daniel Barkalow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1u0jef8z9.fsf@ebiederm.dsl.xmission.com \
--to=ebiederm@xmission.com \
--cc=barkalow@iabervon.org \
--cc=ftpadmin@kernel.org \
--cc=git@vger.kernel.org \
--cc=hpa@zytor.com \
--cc=junkio@cox.net \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).