On Wed, 23 Apr 2008, Ping Yin wrote:
> On Wed, Apr 23, 2008 at 2:07 AM, Josef Weidendorfer
>> Hmm... At least, it can be very annoying when git fetches data from repositories
>> you did not expect, only because submodule URLs change via this
>> fallback mechanism. Perhaps it is a little far-fetched, but suppose a project
>> changes its URL, and the old one becomes occupied by a malicious person.
>> The problem is that the URL with the now malicious repository is bound in the
>> history of the project.
> It is always bound now without the fallback patch :)
>> For sure, you do not want to fetch from that old repository
>> by accident, after you did a checkout of an old commit. And there would be no
>> way to protect other people from this malicious repository other than rewriting
>> the whole history.
> I wonder how the *malicious* repository can hurt us since only the
> commit recorded in the commit of the super project will be checked out.
If one manages to hack a repository, one can modify it in an enormous number of
ways, including spoofing the SHA (providing wrong contents for it - does
git verify that when getting a pack?), utilizing bugs in git, etc...
I doubt somebody would spend that much effort, but you know,
you cannot be paranoid *enough* :)
regards,
Fedor.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
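On the question raised above of whether git checks that what a server sends actually hashes to the requested name: a git object name is the SHA-1 of "<type> <size>\0<content>", and the receiving side (index-pack / unpack-objects) recomputes that hash for every object it reads out of a pack, so a repository that serves different bytes under a known id is rejected rather than silently accepted. The following Python is an added example, not code from this thread or from git itself, that reproduces the check: it recomputes object names, walks from a gitlink (the submodule commit id recorded in the superproject) through commit, tree and blob, and refuses the walk as soon as one object does not hash to its name. The commit, tree, blob and the "malicious server" object store are all constructed inline for the demonstration.

```python
"""Verify that objects received for a recorded gitlink hash to their names.

Added example (not from the mailing-list thread or the git project). The
object store, commit, tree and blob below are constructed for the demo.
"""
import hashlib


def git_object_id(obj_type: str, content: bytes) -> str:
    """Hex object name git assigns: SHA-1 over '<type> <size>' NUL content."""
    header = f"{obj_type} {len(content)}".encode() + b"\x00"
    return hashlib.sha1(header + content).hexdigest()


def verify_object(claimed_id: str, obj_type: str, content: bytes) -> bool:
    """True only if the served bytes really hash to the id they were served as."""
    return git_object_id(obj_type, content) == claimed_id


def make_tree(entries):
    """Serialize (mode, name, hex_id) entries in git's raw tree format."""
    out = b""
    for mode, name, hex_id in entries:
        out += f"{mode} {name}".encode() + b"\x00" + bytes.fromhex(hex_id)
    return out


def parse_tree(content: bytes):
    """Parse a raw tree object back into (mode, name, hex_id) entries."""
    entries, pos = [], 0
    while pos < len(content):
        nul = content.index(b"\x00", pos)
        mode, name = content[pos:nul].decode().split(" ", 1)
        entries.append((mode, name, content[nul + 1:nul + 21].hex()))
        pos = nul + 21
    return entries


def verify_reachable(store, root_id):
    """Walk commit -> parents/tree -> subtrees/blobs from root_id, checking
    every object's name. Returns the verified ids; raises on any mismatch."""
    seen, stack = [], [root_id]
    while stack:
        oid = stack.pop()
        if oid in seen:
            continue
        if oid not in store:
            raise ValueError(f"missing object {oid}")
        obj_type, content = store[oid]
        if not verify_object(oid, obj_type, content):
            raise ValueError(f"object {oid} does not hash to its name")
        seen.append(oid)
        if obj_type == "commit":
            for line in content.split(b"\n"):
                if line == b"":          # end of header, message follows
                    break
                if line.startswith((b"tree ", b"parent ")):
                    stack.append(line.split()[1].decode())
        elif obj_type == "tree":
            stack.extend(child for _m, _n, child in parse_tree(content))
    return seen


def build_sample_store():
    """Constructed honest object store: one blob, one tree, one commit.
    Returns (store, commit_id); commit_id plays the superproject's gitlink."""
    store = {}

    def add(obj_type, content):
        oid = git_object_id(obj_type, content)
        store[oid] = (obj_type, content)
        return oid

    blob = add("blob", b"int main(void) { return 0; }\n")
    tree = add("tree", make_tree([("100644", "main.c", blob)]))
    commit = add("commit", b"tree " + tree.encode()
                 + b"\nauthor A <a@example.com> 1208900000 +0000"
                 + b"\ncommitter A <a@example.com> 1208900000 +0000"
                 + b"\n\nInitial import\n")
    return store, commit


def tampered_store(store):
    """Constructed malicious server: same ids, but the blob's bytes swapped."""
    bad = dict(store)
    for oid, (obj_type, _content) in store.items():
        if obj_type == "blob":
            bad[oid] = (obj_type, b'int main(void) { system("evil"); return 0; }\n')
    return bad


def check_submodule_fetch(store, recorded_gitlink):
    """What a careful client does after fetching the recorded submodule commit."""
    try:
        verify_reachable(store, recorded_gitlink)
        return "ok"
    except ValueError as err:
        return f"rejected: {err}"


if __name__ == "__main__":
    honest, gitlink = build_sample_store()
    print("honest server:   ", check_submodule_fetch(honest, gitlink))
    print("malicious server:", check_submodule_fetch(tampered_store(honest), gitlink))
```

Because the tree id is embedded in the commit and each blob id in the tree, pinning the one gitlink pins every byte reachable from it; what a hostile host can still do is serve nothing, serve unrelated objects the client never asked for, or feed malformed data at a bug in the receiving code, which is the remaining concern raised in the reply above.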