From: ebiederm@xmission.com (Eric W. Biederman)
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@osdl.org>,
Daniel Barkalow <barkalow@iabervon.org>,
Git Mailing List <git@vger.kernel.org>,
Junio C Hamano <junkio@cox.net>,
ftpadmin@kernel.org
Subject: Re: Tags
Date: Sat, 02 Jul 2005 12:31:31 -0600 [thread overview]
Message-ID: <m1fyuxdpq4.fsf@ebiederm.dsl.xmission.com> (raw)
In-Reply-To: <42C6D5AD.9070304@zytor.com> (H. Peter Anvin's message of "Sat, 02 Jul 2005 10:58:05 -0700")
"H. Peter Anvin" <hpa@zytor.com> writes:
> Eric W. Biederman wrote:
>> ?? Isn't that what ssh is?
>> To some extent a lot depends on how active you expect people to
>> try and forge things. If there is an expectation of honesty
>> you are fine.
>
> I can't afford to have that.
So you are now your requirements are more stringent then sourceforge?
Sourcefore limited things by reducing the scope of commits per
project. But once you had commit access to a project you could do
just about anything.
>> If you want to build one mondo repository with thousands of developers
>> having write access you need to be more careful. But as far as I know
>> none of that is specific to tags.
>
> Well, you're wrong. Tags is the only part of git which cannot be protected by
> git's own self-validation system.
Which is why I suggested having tags in sync with the committer
information, that way you are as valid as the commit record
in git. Although I suspect the multiple head solution is
probably better, and simply limiting the people who can commit
to an individual head will achieve what is necessary. One user
per head?
One thing arch has shown is that you can sucessfully move
authentication/permission checking to the underlying environment
if you structure things carefully.
I guess the problem is really we want to structure things so that
a user who has downloaded the code can verify they have the
release/tag is what they are looking for. You can detect
a spoofed file in objects by simply verifying the sha1 of the file.
For a file that you can't internally verify that way the traditional
way to handle that is to create a file with a gpg signature. So
is there anything wrong with adding .git/refs/tags/tag-name.sign
that is a traditional signature file? That will at least give
you an end to end consistency check. (Hmm. Why didn't I suggest
this before?)
If you don't want to mirror and propagate data you need to do
consistency checks earlier in the process, and I have probably had
some poor suggestions on how to implement those. But if everything
is setup so we can verify things once we have the code downloaded,
where you perform the checks is simply a matter of optimization.
Eric
next prev parent reply other threads:[~2005-07-02 18:32 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-30 17:54 "git-send-pack" Linus Torvalds
2005-06-30 18:24 ` "git-send-pack" A Large Angry SCM
2005-06-30 18:27 ` "git-send-pack" A Large Angry SCM
2005-06-30 19:04 ` "git-send-pack" Linus Torvalds
2005-06-30 18:45 ` "git-send-pack" Jan Harkes
2005-06-30 19:01 ` "git-send-pack" Mike Taht
2005-06-30 19:42 ` "git-send-pack" Linus Torvalds
2005-07-01 9:50 ` "git-send-pack" Matthias Urlichs
2005-06-30 19:44 ` "git-send-pack" Linus Torvalds
2005-06-30 20:38 ` "git-send-pack" Junio C Hamano
2005-06-30 21:05 ` "git-send-pack" Daniel Barkalow
2005-06-30 21:29 ` "git-send-pack" Linus Torvalds
2005-06-30 21:55 ` "git-send-pack" H. Peter Anvin
2005-06-30 22:26 ` "git-send-pack" Linus Torvalds
2005-06-30 23:40 ` "git-send-pack" H. Peter Anvin
2005-07-01 0:02 ` "git-send-pack" Linus Torvalds
2005-07-01 1:24 ` "git-send-pack" H. Peter Anvin
2005-07-01 23:44 ` "git-send-pack" Mike Taht
2005-07-02 0:07 ` "git-send-pack" H. Peter Anvin
2005-07-02 1:56 ` "git-send-pack" Linus Torvalds
2005-07-02 4:08 ` "git-send-pack" H. Peter Anvin
2005-07-02 4:22 ` "git-send-pack" Linus Torvalds
2005-07-02 4:29 ` "git-send-pack" H. Peter Anvin
2005-07-02 17:16 ` "git-send-pack" Linus Torvalds
2005-07-02 17:37 ` "git-send-pack" H. Peter Anvin
2005-07-02 17:44 ` "git-send-pack" Tony Luck
2005-07-02 17:48 ` "git-send-pack" H. Peter Anvin
2005-07-02 18:12 ` "git-send-pack" A Large Angry SCM
2005-06-30 22:25 ` "git-send-pack" Daniel Barkalow
2005-06-30 23:56 ` "git-send-pack" Linus Torvalds
2005-07-01 5:01 ` "git-send-pack" Daniel Barkalow
2005-06-30 21:08 ` "git-send-pack" Linus Torvalds
2005-06-30 21:10 ` "git-send-pack" Dan Holmsand
2005-06-30 19:49 ` "git-send-pack" Daniel Barkalow
2005-06-30 20:12 ` "git-send-pack" Linus Torvalds
2005-06-30 20:23 ` "git-send-pack" H. Peter Anvin
2005-06-30 20:52 ` "git-send-pack" Linus Torvalds
2005-06-30 21:23 ` "git-send-pack" H. Peter Anvin
2005-06-30 21:26 ` "git-send-pack" H. Peter Anvin
2005-06-30 21:42 ` "git-send-pack" Linus Torvalds
2005-06-30 22:00 ` "git-send-pack" H. Peter Anvin
2005-07-01 10:31 ` "git-send-pack" Matthias Urlichs
2005-07-01 14:43 ` "git-send-pack" Jan Harkes
2005-07-01 13:56 ` Tags Eric W. Biederman
2005-07-01 16:37 ` Tags H. Peter Anvin
2005-07-01 22:38 ` Tags Eric W. Biederman
2005-07-01 22:44 ` Tags H. Peter Anvin
2005-07-01 23:07 ` Tags Eric W. Biederman
2005-07-01 23:22 ` Tags Daniel Barkalow
2005-07-02 0:06 ` Tags H. Peter Anvin
2005-07-02 7:00 ` Tags Eric W. Biederman
2005-07-02 17:47 ` Tags H. Peter Anvin
2005-07-02 17:54 ` Tags Eric W. Biederman
2005-07-02 17:58 ` Tags H. Peter Anvin
2005-07-02 18:31 ` Eric W. Biederman [this message]
2005-07-02 19:55 ` Tags Matthias Urlichs
2005-07-02 21:16 ` Tags H. Peter Anvin
2005-07-02 21:39 ` Tags Linus Torvalds
2005-07-02 21:42 ` Tags H. Peter Anvin
2005-07-02 22:02 ` Tags A Large Angry SCM
2005-07-02 22:20 ` Tags Linus Torvalds
2005-07-02 23:49 ` Tags A Large Angry SCM
2005-07-03 0:17 ` Tags Linus Torvalds
2005-07-02 22:14 ` Tags Petr Baudis
2005-07-02 22:17 ` Tags Linus Torvalds
2005-07-03 0:04 ` Tags Dan Holmsand
2005-07-03 22:34 ` Tags Kevin Smith
2005-07-05 13:04 ` Tags Eric W. Biederman
2005-07-05 16:21 ` Tags Daniel Barkalow
2005-07-05 17:51 ` Tags Eric W. Biederman
2005-07-05 18:33 ` Tags Linus Torvalds
2005-07-05 19:22 ` Tags Junio C Hamano
2005-07-06 18:04 ` Tags Matthias Urlichs
2005-07-07 3:31 ` Tags Eric W. Biederman
2005-07-02 18:45 ` Tags Linus Torvalds
2005-07-02 20:38 ` Tags Jan Harkes
2005-07-02 22:32 ` Tags Jan Harkes
2005-07-02 16:00 ` Tags Matthias Urlichs
2005-07-01 18:09 ` Tags Petr Baudis
2005-07-01 18:37 ` Tags H. Peter Anvin
2005-07-01 21:20 ` Tags Matthias Urlichs
2005-07-01 21:42 ` Tags Petr Baudis
2005-07-01 21:52 ` Tags H. Peter Anvin
2005-07-01 22:27 ` Tags Daniel Barkalow
2005-07-01 22:59 ` Tags Petr Baudis
2005-06-30 20:49 ` "git-send-pack" Daniel Barkalow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1fyuxdpq4.fsf@ebiederm.dsl.xmission.com \
--to=ebiederm@xmission.com \
--cc=barkalow@iabervon.org \
--cc=ftpadmin@kernel.org \
--cc=git@vger.kernel.org \
--cc=hpa@zytor.com \
--cc=junkio@cox.net \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).