Integrity protection of fetches (Re: The move to git!)

On Tue, 2010-08-03 at 22:09 +0000, Ben Boeckel wrote:
> Matt McCutchen <matt@xxxxxxxxxxxxxxxxx> wrote:
> > No.  If the attacker MITMs the entire connection, they can lie about the
> > values of the remote refs too, so there is no need to find a hash
> > collision.
> 
> And how would you then be allowed to push? The git server would see that
> your history doesn't match the history it has and will refuse the
> commits.

When the maintainer fetches, the attacker adds malicious commits on top
of the real remote ref value, and then the maintainer pushes those
commits as if he committed them himself.  But IMNSHO, malicious
alteration of a fetch is something maintainers shouldn't have to deal
with, regardless of what the consequences might or might not be.

(I should have changed the subject two round trips ago.  Oh well...)

-- 
Matt

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
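
An added illustration of the exchange above (not part of the original message, and not git's own code): a small Python model showing which client-side checks a fetch with extra commits on top of the real tip still passes, and which one catches it. The commit body is simplified, and `authenticated_tip` is an assumption standing for the ref value obtained over a channel that authenticates the server.

```python
import hashlib

def make_commit(store, parent, msg):
    """Add a commit to store (id -> raw bytes), hashed as git hashes objects."""
    tree = hashlib.sha1(msg.encode()).hexdigest()  # constructed stand-in for a tree id
    lines = [f"tree {tree}"] + ([f"parent {parent}"] if parent else [])
    body = ("\n".join(lines) + f"\n\n{msg}\n").encode()
    raw = b"commit %d\x00" % len(body) + body
    cid = hashlib.sha1(raw).hexdigest()
    store[cid] = raw
    return cid

def parent_of(store, cid):
    header = store[cid].split(b"\x00", 1)[1].split(b"\n\n", 1)[0].decode()
    for line in header.splitlines():
        if line.startswith("parent "):
            return line[len("parent "):]
    return None

def objects_intact(store):
    """Every object hashes to the id it is stored under."""
    return all(hashlib.sha1(raw).hexdigest() == cid for cid, raw in store.items())

def is_fast_forward(store, old_tip, new_tip):
    """True if old_tip is an ancestor of, or equal to, new_tip."""
    cid = new_tip
    while cid is not None:
        if cid == old_tip:
            return True
        cid = parent_of(store, cid)
    return False

def check_fetch(store, local_tip, advertised_tip, authenticated_tip):
    return {
        "objects_intact": objects_intact(store),
        "fast_forward": is_fast_forward(store, local_tip, advertised_tip),
        "matches_authenticated_tip": advertised_tip == authenticated_tip,
    }

def demo():
    server = {}  # constructed history held by the real server
    c1 = make_commit(server, None, "initial import")
    c2 = make_commit(server, c1, "fix build")
    # What arrives over the unauthenticated connection: the real objects, one
    # extra commit whose parent is the real tip, and a ref pointing at it.
    received = dict(server)
    extra = make_commit(received, c2, "commit the server never had")
    honest = check_fetch(server, c1, c2, authenticated_tip=c2)
    tampered = check_fetch(received, c1, extra, authenticated_tip=c2)
    return honest, tampered
```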

