
A Git Horror Story: Repository Integrity with Signed Commits (2012) - pmoriarty
https://mikegerwitz.com/papers/git-horror-story
======
_jomo
Interesting, but the commit that introduced the malicious changes wouldn't be
signed by the alleged author's key.

Also I'd trust anyone who denies adding a backdoor like this. Why would anyone
do this with their name attached to the change?

What you'd actually do is change the author to "Anonymous Coward
<nobody@android.com>" ;)

[https://android.googlesource.com/platform/packages/apps/Glob...](https://android.googlesource.com/platform/packages/apps/GlobalSearch/+/592150ac00086400415afe936d96f04d3be3ba0c)

~~~
C4K3
In the given scenario, the author signs tags and not commits. So the malicious
commit wouldn't be signed at all because no commits are signed, and therefore
nothing would look out of place.

The article is arguing that only signing tags is insufficient, and that you
should sign every commit individually to prevent this scenario.

------
alexandercrohde
Sounds like this is solving a non-problem, legitimized by a contrived
hypothetical.

~~~
debacle
That seems to be the consensus every time this is posted.

------
web007
(2012)

------
dijit
If the changes were already in git, weren't they signed before he merged?

Gitlab supports push rules that prevent you from pushing unsigned stuff to
the repo (which I'm using, and while gitlab is good at this, it's very easy to
accidentally not sign a bunch of commits and have to amend a bunch, which I'm
mostly too stupid to do).

I mean, isn't the whole point that you only sign your own stuff? Inevitable on
merge, sure. But on merge the stuff is already at the origin. No?

~~~
deadbunny
Pretty sure Github also has an option for enabling signed only commits.
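The per-commit check that C4K3's summary of the article argues for, and that the GitLab/GitHub "signed commits only" rules above enforce server-side, can also be run locally over a commit range. Added example, not code from the article or the thread: it parses the output of `git log --format='%H%x09%G?%x09%GS%x09%an' base..tip` (the `%G?` status letters are git's own) and reports every commit that is not carrying a good, trusted signature; the commit hashes and names in the sample are constructed.

```python
"""Per-commit signature policy over `git log` output (added example).

%G? status letters as documented by git: G = good, U = good but untrusted
key, B = bad, X = good but expired, Y = good but key expired, R = revoked
key, E = cannot be checked (e.g. missing key), N = no signature.
"""
from dataclasses import dataclass
from typing import List, Optional, Set

ACCEPTED = {"G"}  # only a good signature from a trusted key passes

REASONS = {
    "N": "no signature",
    "B": "bad signature",
    "U": "good signature but key is not trusted",
    "X": "good signature but it has expired",
    "Y": "good signature but the key has expired",
    "R": "signature made by a revoked key",
    "E": "signature cannot be checked (missing key?)",
}


@dataclass(frozen=True)
class Violation:
    commit: str
    author: str
    status: str
    reason: str


def check_log(log_text: str, allowed_signers: Optional[Set[str]] = None) -> List[Violation]:
    """Return one Violation per commit failing the policy, in log order.

    Each input line is '<sha>\\t<%G?>\\t<signer>\\t<author name>'.  If
    allowed_signers is given, a good signature from any other key holder
    is also a violation (an unexpected signer is as suspicious as none).
    """
    violations = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        sha, status, signer, author = line.split("\t", 3)
        if status not in ACCEPTED:
            violations.append(Violation(sha, author, status, REASONS.get(status, "unknown status")))
        elif allowed_signers is not None and signer not in allowed_signers:
            violations.append(Violation(sha, author, status, f"signed by unexpected key {signer!r}"))
    return violations


# Constructed sample: the middle commit is unsigned yet claims the
# maintainer as author, which is the article's scenario.
SAMPLE_LOG = "\n".join([
    "1111111111111111111111111111111111111111\tG\tMaintainer <maint@example.org>\tMaintainer",
    "2222222222222222222222222222222222222222\tN\t\tMaintainer",
    "3333333333333333333333333333333333333333\tE\tAlice <alice@example.org>\tAlice",
])
```

Pipe real output in with `check_log(subprocess.run([...], capture_output=True, text=True).stdout)`; note that `%G?` only reports `G` when the signing key is in your keyring and trusted, so an empty keyring makes every signed commit look like `E`.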

------
mcknz
see also:

[https://news.ycombinator.com/item?id=4007229](https://news.ycombinator.com/item?id=4007229)

[https://news.ycombinator.com/item?id=7827828](https://news.ycombinator.com/item?id=7827828)

[https://news.ycombinator.com/item?id=10174354](https://news.ycombinator.com/item?id=10174354)