From: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
To: "Gamblin, Todd" <gamblin2@llnl.gov>
Cc: Philip Oakley <philipoakley@iee.email>,
Johannes Sixt <j6t@kdbg.org>, Junio C Hamano <gitster@pobox.com>,
"git@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: Commit SHA1 == SHA1 checksum?
Date: Mon, 7 Feb 2022 08:15:20 -0500 [thread overview]
Message-ID: <20220207131520.cqkdtmceddqquwlg@meerkat.local> (raw)
In-Reply-To: <734DE4FA-E4B1-43CB-89EE-3C200FA21F4F@llnl.gov>
On Mon, Feb 07, 2022 at 08:15:58AM +0000, Gamblin, Todd wrote:
> In our case, the initial trust doesn’t come from a PGP signature — it comes
> (at least for now) from having cloned the package repository from GitHub.
Not really the case, if you're relying on a particular commit hash, as you
state. Once you specify a target hash, you don't really have to care where the
repository came from -- the hash is either going to be there and be valid, or
it's not going to be there.
It only matters where the person who picked that hash cloned the repository
from and what steps they made to verify that it is a legitimate commit. If "I
cloned this repository from github" is sufficient for your needs, then that's
fine. The alternative is to use PGP verification, but in either case once you
pick a hash to use, you can rely on git to do all the rest.
> That said, I guess I do still have one more question — how soon will git
> notice that a given repo is corrupted/tampered with (insofar as sha1 can do
> that)? On checkout?
Yes. I've asked this question before as well:
https://lore.kernel.org/git/20190829141010.GD1797@sigill.intra.peff.net/
The relevant bit:
Then yes, there is no need to fsck. When the objects were received on
the server side (by push) and then again when you got them from the
server (by clone), their sha1s were recomputed from scratch, not
trusting the sender at all in either case.
-K
next prev parent reply other threads:[~2022-02-07 13:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-05 1:19 Commit SHA1 == SHA1 checksum? Gamblin, Todd
2022-02-06 0:22 ` Philip Oakley
2022-02-06 9:00 ` Gamblin, Todd
2022-02-06 10:23 ` Johannes Sixt
2022-02-06 10:15 ` Junio C Hamano
2022-02-06 19:25 ` Philip Oakley
2022-02-06 20:02 ` Junio C Hamano
2022-02-06 21:33 ` Philip Oakley
2022-02-07 8:15 ` Gamblin, Todd
2022-02-07 13:15 ` Konstantin Ryabitsev [this message]
2022-02-07 21:08 ` Gamblin, Todd
2022-02-07 13:32 ` Konstantin Ryabitsev
2022-02-07 20:57 ` Junio C Hamano
2022-02-07 21:34 ` Konstantin Ryabitsev
2022-02-07 22:29 ` Gamblin, Todd
2022-02-07 22:46 ` Konstantin Ryabitsev
2022-02-08 6:23 ` Gamblin, Todd
2022-02-07 22:49 ` Junio C Hamano
2022-02-07 23:02 ` Konstantin Ryabitsev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220207131520.cqkdtmceddqquwlg@meerkat.local \
--to=konstantin@linuxfoundation.org \
--cc=gamblin2@llnl.gov \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=j6t@kdbg.org \
--cc=philipoakley@iee.email \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).