> Ben's original mail talks about integrity checks of the index file, and > how expensive they get when you talk about any decent-sized index (read: > *a lot* larger than Git or even Linux developers will see regularly). I am quite aware of your situation. > The text you quoted talks about our talking out of our rear ends when we > talk about typical user schenarios because we simply have no telemetry or > otherwise reliable statistics. > > Now, I fail to see any relationship between Jonathan's mail and either of > Ben's statements. > > Care to enlighten me? There was a recent thread (which I assumed was the one I linked), that talked about security implications as soon as we loose the rather strict "git is to be used in a posix world", e.g. sharing your repo over NFS/Dropbox. The specific question that Peff asked was how the internal formats can be exploited. (Can a malicious index file be crafted such that it is not just a segfault, but a 'remote' code execution, given that you deploy the maliciously crafted file via NFS. Removing checks that we already have made me a bit suspicious that it *may* be helping an attacker here, though I have no hard data to show) Sorry for the confusion, Thanks, Stefan
