Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Any way to make code running on a cloud service publicly verifiable?

On 2012-09-16 15:33 +0900 (Sun), Stephen J. Turnbull wrote:

> Curt Sampson writes:
>  > On 2012-09-15 23:49 +0900 (Sat), Stephen J. Turnbull wrote:
>  > 
>  > > But what do you propose signing in the case of a direct checkout of
>  > > rev deadbeefcafefeedbeadbabefacebadedeedaced from a public git
>  > > repository?  The rev id, I guess?
>  > 
>  > The revision itself. The ability to do that is built in to git with "git
>  > tag --sign".
> All that does is sign the commit object, which contains a tree id and
> metadata.  For our purpose, there's no difference: it still depends on
> the chain of SHA1s.  Linus never claimed this provides good security,
> just that it's better than no signature.

Huh. I'd never looked too closely at that.

Well, the obvious thing to do here is really just to make a tar archive
of the source you're going to upload and sign that. It's a lot simpler
and a huge reduction in attack surface. Thinking about it, the whole
idea of invovling git (or any other RCS) at all now seems bad to me.

Curt Sampson         <>         +81 90 7737 2974

It is easier to write an incorrect program than understand a correct one.
    --Alan Perlis, Epigrams on Programming (#7)

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links