-
xmr-pr
xiphon opened pull request #2963: cmake: fix x11 linking
-
xmr-pr
-
selsta
.merge+ 2963
-
selsta
.merge+ #2963
-
xmr-pr
Added
-
selsta
.merges
-
xmr-pr
#2933 #2937 #2947 #2950 #2959 #2961 #2962 #2963
-
kinghat[m]
is there such a thing as immutable git? no "force push and backdating PRs/commits"?
-
moneromooo
Assuming SHA1 can not be pwned (or you use a post-SHA1 git repo), then you can't alter history without the commit hashes changing.
-
moneromooo
Assuming SHA1 can not be pwned is not quite sane at this moment.
-
sarang
kinghat[m]: what do you mean by "immutable"?
-
sarang
a force-push is a new branch of the commit graph
-
moneromooo
That which can be immuted. Obviously.
-
sarang
there's no way to prevent this, but it's detectable
-
sarang
(assuming no hash collisions...)
-
sarang
a repo host (like github) could always prevent this by its own policy
-
sarang
So I suppose it's "sort of" preventable =p
-
sarang
It's preventable by a repo host, but not inherently by the way git operates, is what I mean
-
kinghat[m]
we were talking about the hash checking on the gui updater in here on the 11th
-
kinghat[m]
fluffy was saying it's not hard to change git history.
-
sarang
It's hard to change it without affecting the hash
-
sarang
It's very hard to change it if the commits are signed
-
sarang
What are you looking to do?
-
kinghat[m]
i was just wondering if it would be better to check the hash from two locations instead of a single source.
-
kinghat[m]
but selsta already mentioned that it was probably overkill the way it is and would be giving gh data about users checking the hash iirc
-
sarang
The hash of what?
-
kinghat[m]
the binary iirc
-
sarang
That has nothing to do with git
-
kinghat[m]
i then asked if there would be a public trace of the compromise. and that's where the backdating of a pr/commit came into context.
-
sarang
Compromise of what?
-
sarang
The binary or the git repo?
-
sarang
Or both?
-
kinghat[m]
a dev
-
sarang
Well, you're checking for two sigs from maintainers already, right?
-
kinghat[m]
dev > repo > binary
-
selsta
That does not make sense because if you have server access you can change a file, there would be no trace on github.
-
selsta
If you mean the auto updater specifically, you would see which maintainer signed the bad hashes.
-
kinghat[m]
ya but you would have to compromise the monero server and github
-
selsta
If someone compromises 3 DNS servers, the website and two maintainer signatures then there is no reason to believe that they couldn’t get into the Github of a maintainer.
-
kinghat[m]
true
-
selsta
I consider GPG sig compromised = fully compromised
-
kinghat[m]
something something repo builds 😂
-
selsta
soon^tm :D