[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ‘core-updates’ merge is a squashed commit
From: |
Andy Wingo |
Subject: |
Re: ‘core-updates’ merge is a squashed commit |
Date: |
Fri, 05 Aug 2016 09:35:59 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
On Thu 04 Aug 2016 22:05, Leo Famulari <address@hidden> writes:
> On Thu, Aug 04, 2016 at 06:55:34PM +0200, Andy Wingo wrote:
>> On Thu 04 Aug 2016 18:44, Leo Famulari <address@hidden> writes:
>>
>> > How would the rest of us distinguish between
>> >
>> > 1) a range of your commits with a signed HEAD
>> > 2) a range of your commits with a signed HEAD that you pushed after I
>> > pushed a commit created with `git commit --author="Andy Wingo"
>>
>> I'm not sure what the threat model here is, and surely this is mostly
>> because I am ignorant :) Would you mind elaborating a bit more?
>
> I admit, the example is really contrived.
>
> My point is that, as far as I know, there is no way to know who exactly
> is behind an unsigned Git commit.
>
> The "Author" and "Commit" information seen in `git log --format=full` is
> trivially forged, for example by altering the [user] field of your Git
> configuration file.
Yeah. I guess I don't see see "author misattribution on unsigned
commits" as part of the threat model.
My mental model is that if you have a signed commit A with unsigned
parents B, C, ..., that it's the person who signed commit A who signs
off on commits B, C, and so on. That person attests to the integrity of
that range of commits, *including* the author field(s).
If you sign a HEAD which brings in an unsigned commit that you (or
someone else) forged to use me (say) as --author, it's true, I can claim
not to have made it. But that seems a bit irrelevant to any property we
care about; dunno...
Andy
- Re: ‘core-updates’ merge is a squashed commit, (continued)
- Re: ‘core-updates’ merge is a squashed commit, Andreas Enge, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Mathieu Lirzin, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Andreas Enge, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Andreas Enge, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Andy Wingo, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Andy Wingo, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/04
- Re: ‘core-updates’ merge is a squashed commit,
Andy Wingo <=
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/05
- Re: ‘core-updates’ merge is a squashed commit, Andy Wingo, 2016/08/05
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/05
- Re: ‘core-updates’ merge is a squashed commit, Mark H Weaver, 2016/08/05
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/05
- Re: ‘core-updates’ merge is a squashed commit, Andy Wingo, 2016/08/08
- Re: ‘core-updates’ merge is a squashed commit, Andreas Enge, 2016/08/06
- Re: ‘core-updates’ merge is a squashed commit, Andy Wingo, 2016/08/08
- Re: ‘core-updates’ merge is a squashed commit, Mike Gerwitz, 2016/08/07
- Re: ‘core-updates’ merge is a squashed commit, Leo Famulari, 2016/08/04