onsdagen den 23 april 2008 09.47.57 skrev Fedor Sergeev: > If one manages to hack on repository one can modify it enormous amount of > ways, including spoofing on SHA (providing wrong contents for it - does > git verify that when getting a pack?), utilizing bugs in git etc... The pack transfer protocol does not transfer the SHA of objects, only the contents is transferred. The SHA-1 is (has to be since it is not sent) reconstructed on the receiving end. -- robin -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
