On Sat, Nov 24, 2012 at 10:09:31AM -0800, Shawn O. Pearce wrote:

> On Sat, Nov 24, 2012 at 3:12 AM, Michael Hirshleifer <111mth@xxxxxxxxxxx> wrote:
> > Evil Guy creates 2 files, 1 evil and 1 innocuous, with the same SHA-1
> > checksum (including Git header). Mr. Evil creates a local branch with an
> > innocuous name like “test-bugfix”, and adds a commit containing a reference
> > to the evil file. Separately, using a sockpuppet, Evil Guy creates an
> > innocuous bugfix (very likely to be accepted) containing the innocuous file,
> > and submits it to Good Guy. Before Good Guy can commit the bugfix, Evil Guy
> > pushes the evil branch to Github, and then immediately deletes it; or
> > equivalently --force pushes any innocuous commit on top of it. (This is
> > unlikely to arouse suspicion, and he can always say he deleted it because it
> > didn’t work.)
>
> Here you assume Evil Guy has write access to the same repository as
> Good Guy. Let's assume this is possible, e.g. Evil Guy is actually
> impersonating White Hat because he managed to steal White Hat's
> credentials through a compromised host. Typically Evil Guy doesn't
> have write access to Good Guy's repository, and thus can't introduce
> objects into it without Good Guy being the one that creates the
> objects.
>
> But let's just keep the assumption that Evil Guy can write to the same
> repository as Good Guy, and that he managed to create the bad branch
> and delete it, leaving the bad object in an unreachable state for 2
> weeks.

Actually, it is somewhat easier on GitHub, because we share objects
between forks of a repository via the alternates mechanism. So if you
can publicly fork the project and push a branch to your fork, you can
write to the shared object database. This applies not just to GitHub,
but to any hosting service which shares object databases between
projects (I do not know offhand if other hosting providers like Google
Code do this).

But as you noted later in your email, the byte-for-byte comparison on
object collision will let us detect this case when the good guy tries
to push and abort.

-Peff

PS I also think the OP's "sockpuppet creates innocuous bugfix" above is
easier said than done. We do not have SHA-1 collisions yet, but if the
md5 attacks are any indication, the innocuous file will not be
completely clean; it will need to have some embedded binary goo that is
mutated randomly during the collision process (which is why the md5
attacks were demonstrated with postscript files which _rendered_ to
look good, but contained a chunk of random bytes in a spot ignored by
the postscript interpreter).

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
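The two mechanisms discussed in this thread, a shared object database reached through alternates and the byte-for-byte comparison that aborts a push when an incoming object has the same id as a different existing object, can be modelled in a few dozen lines. The following is an added illustration written for this page; it is not git's code, not GitHub's, and not anything Peff or Shawn posted. Real SHA-1 collisions are not available, so the demonstration swaps in a constructed 8-bit truncation of the git object id (`weak_hash`) purely to manufacture a collision; the `ObjectStore`, `find_weak_collision` and `demo_collision_on_push` names are hypothetical, while `git_sha1` computes the genuine git blob id ("blob <size>\0" + payload) and is checked against known values.

```python
"""Model of a content-addressed object store with git's byte-for-byte
collision check. Added example for this page, not git's own code."""
import hashlib
from typing import Callable, Dict, List, Optional

HashFn = Callable[[str, bytes], str]


class CollisionError(Exception):
    """Incoming object has the id of an existing object with different bytes."""


def git_header(obj_type: str, data: bytes) -> bytes:
    # git prefixes every object with "<type> <size>\0" before hashing it
    return obj_type.encode() + b" " + str(len(data)).encode() + b"\0"


def git_sha1(obj_type: str, data: bytes) -> str:
    """Genuine git object id: SHA-1 over header + payload."""
    return hashlib.sha1(git_header(obj_type, data) + data).hexdigest()


def weak_hash(obj_type: str, data: bytes) -> str:
    # CONSTRUCTED for the demo: an 8-bit truncation of the git id so that a
    # collision can be found by brute force. Not a real SHA-1 collision.
    return git_sha1(obj_type, data)[:2]


class ObjectStore:
    """One object database; `alternates` models objects/info/alternates."""

    def __init__(self, name: str, hash_fn: HashFn = git_sha1,
                 alternates: Optional[List["ObjectStore"]] = None) -> None:
        self.name = name
        self.hash_fn = hash_fn
        self.objects: Dict[str, bytes] = {}
        self.alternates = list(alternates or [])

    def lookup(self, oid: str) -> Optional[bytes]:
        # Own objects first, then every alternate (the shared object db)
        if oid in self.objects:
            return self.objects[oid]
        for alt in self.alternates:
            raw = alt.lookup(oid)
            if raw is not None:
                return raw
        return None

    def write(self, obj_type: str, data: bytes) -> str:
        raw = git_header(obj_type, data) + data
        oid = self.hash_fn(obj_type, data)
        existing = self.lookup(oid)
        if existing is None:
            self.objects[oid] = raw
        elif existing != raw:
            # Same id, different bytes: abort instead of silently keeping
            # whichever object happened to arrive first.
            raise CollisionError(
                f"{self.name}: object {oid} exists with different content")
        # identical bytes already present (possibly via an alternate): no-op
        return oid


def find_weak_collision(target: bytes, hash_fn: HashFn = weak_hash) -> bytes:
    """CONSTRUCTED search for a different blob sharing target's weak hash."""
    want = hash_fn("blob", target)
    for i in range(1, 100_000):
        candidate = b"harmless bugfix candidate %d\n" % i
        if candidate != target and hash_fn("blob", candidate) == want:
            return candidate
    raise RuntimeError("no collision found")


def demo_collision_on_push() -> dict:
    """A fork seeds the shared object db with one blob; upstream's later
    push of a colliding, different blob is refused by the byte comparison."""
    shared = ObjectStore("network", weak_hash)  # objects shared by all forks
    upstream = ObjectStore("upstream", weak_hash, alternates=[shared])

    evil = b"CONSTRUCTED payload that must never be accepted\n"
    innocuous = find_weak_collision(evil)

    # A push to any fork lands in the shared store behind the alternates
    evil_oid = shared.write("blob", evil)
    try:
        upstream.write("blob", innocuous)  # Good Guy's push
        detected = False
    except CollisionError:
        detected = True
    # Pushing byte-identical content again is ordinary dedup, not a collision
    same_oid = upstream.write("blob", evil)
    return {"oid": evil_oid, "collision_detected": detected,
            "identical_rewrite_ok": same_oid == evil_oid,
            "upstream_sees_shared": upstream.lookup(evil_oid) is not None}


if __name__ == "__main__":
    print(demo_collision_on_push())
```

The point the model makes explicit is that the check has to consult the alternates as well as the repository's own objects: because `lookup` walks the shared store, an object seeded through a fork is found and compared when the upstream push arrives, which is exactly the situation the shared-object-database setup creates.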