From: Colin Walters <walters@verbum.org>
To: Morten Welinder <mwelinder@gmail.com>
Cc: GIT Mailing List <git@vger.kernel.org>
Subject: Re: weaning distributions off tarballs: extended verification of git tags
Date: Mon, 02 Mar 2015 12:09:57 -0500 [thread overview]
Message-ID: <1425316197.895196.234425829.536E6C06@webmail.messagingengine.com> (raw)
In-Reply-To: <CANv4PNmF9sTh8od9xT5tYTOF1Cv0Mev2Muf-qxQDS_6kE7EnOw@mail.gmail.com>
On Sat, Feb 28, 2015, at 03:34 PM, Morten Welinder wrote:
> Is there a point to including a different checksum inside
> a git tag? If someone can break the SHA-1 checksum
> in the repository then the recorded SHA-256 checksum can
> be changed. In other words, wouldn't you be just as well
> off handing someone a SHA-1 commit id?
The issue is more about what the checksum covers, as
well as its strength. Git uses a hash tree, which means
that an attacker only has to find a collision for *one* of
the objects, and the signature is still valid. And that collision
is valid for *every* commit that contains that object.
This topic has been covered elsewhere pretty extensively,
here's a link:
https://www.whonix.org/forum/index.php/topic,538.msg4278.html#msg4278
Now I think rough consensus is still that git is "secure" or
"secure enough" - but with this proposal I'm just trying
to overcome the remaining conservatism. (Also, while those
discussions were focusing on corrupting an existing repository,
the attack model of MITM also exists, and there
you don't have to worry about deltas, particularly if the
attacker's goal is to get a downstream to do a build
and thus execute their hostile code inside the downstream
network).
It's really not that expensive to do once per release,
basically free for small repositories, and for a large one like
the Linux kernel:
$ cd ~/src/linux
$ git describe
v3.19-7478-g796e1c5
$ time /bin/sh -c 'git archive --format=tar HEAD|sha256sum'
4a5c5826cea188abd52fa50c663d17ebe1dfe531109fed4ddbd765a856f1966e -
real 0m3.772s
user 0m6.132s
sys 0m0.279s
$
With this proposal, the checksum
covers an entire stream of objects for a given commit at once;
making it significantly harder to find a collision. At least as good as
checksummed tarballs, and arguably better since it's
pre-compression.
So to implement this, perhaps something like:
$ git archive --format=raw
as a base primitive, and:
$ git tag --archive-raw-checksum=SHA256 -s -m "..."
?
"git fsck" could also learn to optionally use this.
next prev parent reply other threads:[~2015-03-02 17:10 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-28 14:48 weaning distributions off tarballs: extended verification of git tags Colin Walters
2015-02-28 19:14 ` brian m. carlson
2015-02-28 20:34 ` Morten Welinder
2015-03-02 17:09 ` Colin Walters [this message]
2015-03-02 18:12 ` Joey Hess
2015-03-02 19:38 ` Sam Vilain
2015-03-02 20:08 ` Junio C Hamano
2015-03-02 20:52 ` Sam Vilain
2015-03-02 23:20 ` Duy Nguyen
2015-03-02 23:44 ` Junio C Hamano
2015-03-03 0:42 ` Duy Nguyen
2015-03-05 12:36 ` Michael Haggerty
2015-07-08 4:00 ` Colin Walters
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1425316197.895196.234425829.536E6C06@webmail.messagingengine.com \
--to=walters@verbum.org \
--cc=git@vger.kernel.org \
--cc=mwelinder@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).