c-d.hailfinger.devel.2006 at gmx.net
Thu Mar 1 16:34:50 CST 2007
On 01.03.2007 23:25, Alexandre Julliard wrote:
> Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> writes:
>> Now imagine a break-in on a site hosted on winehq. The consequences
>> would be far worse than for the average toy project. Wine depends on
>> people trusting us that the code is legally clean (especially due to
>> various FUD campaigns claiming otherwise). A break-in will always
>> result in claims that the codebase has been polluted with MS code.
> You cannot modify the codebase even if you break into the server.
> Everything in the git repository is authenticated by its SHA-1, so any
> change would be immediately noticed.
I know about this special feature of git (basically not only every
file is identified by its SHA-1 hash, but also the complete timeline
and with that the complete repository are secured with SHA-1). There
was a post on the linux-kernel list some time ago about this topic.
However, in case of a break-in there will always be somebody without
this knowledge writing about the break-in. And nobody will read what
we have to say about the security of git because the first article
always has more readers than any followup or response.
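
Added example, not part of the original message: a Python sketch of the hash chain discussed above, in which each git commit id covers its tree, each tree covers its file blobs, and each commit covers its parent, so changing an old file changes the head id. The history, identity string and helper names are constructed for illustration, trees are flat, and the trusted head id is assumed to come from a separate clone.

```python
import hashlib

def git_object_id(kind, body):
    # git hashes "<type> <size>\0" followed by the object body
    header = f"{kind} {len(body)}".encode() + b"\x00"
    return hashlib.sha1(header + body).hexdigest()

def blob_id(content):
    return git_object_id("blob", content)

def tree_id(files):
    # Flat tree of regular files (mode 100644), entries sorted by name;
    # each entry embeds the raw 20-byte id of the file's blob.
    body = b""
    for name in sorted(files):
        body += b"100644 " + name.encode() + b"\x00" + bytes.fromhex(blob_id(files[name]))
    return git_object_id("tree", body)

def commit_id(tree, parent, message):
    ident = "Constructed Author <author@example.invalid> 1172788490 +0000"
    lines = [f"tree {tree}"]
    if parent:
        lines.append(f"parent {parent}")  # links this commit to all earlier history
    lines += [f"author {ident}", f"committer {ident}", "", message]
    return git_object_id("commit", ("\n".join(lines) + "\n").encode())

def head_of(history):
    # history: list of (files, message) snapshots, oldest first
    parent = None
    for files, message in history:
        parent = commit_id(tree_id(files), parent, message)
    return parent

def verify(history, trusted_head):
    # True only if every file in every snapshot is unchanged
    return head_of(history) == trusted_head

# Constructed sample history (not real Wine content)
HISTORY = [
    ({"README": b"sample project\n"}, "initial import"),
    ({"README": b"sample project\n", "main.c": b"int main(void){return 0;}\n"}, "add main"),
]
TRUSTED_HEAD = head_of(HISTORY)  # as recorded in a separate clone

# Same history with one byte changed in the oldest snapshot
TAMPERED = [({"README": b"sample project!\n"}, "initial import"), HISTORY[1]]

if __name__ == "__main__":
    print("original ok:", verify(HISTORY, TRUSTED_HEAD))
    print("tampered ok:", verify(TAMPERED, TRUSTED_HEAD))
```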