From owner-freebsd-questions@FreeBSD.ORG Sun Nov 18 05:59:56 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 96998692; Sun, 18 Nov 2012 05:59:56 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-oa0-f54.google.com (mail-oa0-f54.google.com [209.85.219.54]) by mx1.freebsd.org (Postfix) with ESMTP id 22A728FC0C; Sun, 18 Nov 2012 05:59:55 +0000 (UTC) Received: by mail-oa0-f54.google.com with SMTP id n9so5031298oag.13 for ; Sat, 17 Nov 2012 21:59:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VW9onU10Oem2f9wEymQEk3reHmTphEOSEF1aTtEShFQ=; b=k7qUm0iKKBYQoZp0NXC+ERnK6mo3J/fXIfsUvt5JH1X3pG+oTIFPZYBRsqsJeCThLq dxqHMKF5FNPmWpLgIrjT5SWRipL6eJuXCLGwPOpmOF61TsLdWGrxhs79+zMFAt9wuR21 kqV/FeM4R3JbEVFCeOOkB6kBbk0082nUkBEu6aTRr3mSOrT6oYO+eFfUYdA8GtFcq7pv MvOq2TXq7egCZ09AyMJeT+zO2/+37wi7gXQVh/RHPfeuGod/8hUPJ9LSrNvA2+7dhkky 1LTH25kQf1Iul++W7EJCgGUplgXwGYf44D04yyRbhyo44OEM6P8OVxF7X5q+LC7glrTk Wv3g== MIME-Version: 1.0 Received: by 10.60.2.103 with SMTP id 7mr7825076oet.79.1353218395069; Sat, 17 Nov 2012 21:59:55 -0800 (PST) Received: by 10.76.68.39 with HTTP; Sat, 17 Nov 2012 21:59:54 -0800 (PST) In-Reply-To: References: Date: Sun, 18 Nov 2012 00:59:54 -0500 Message-ID: Subject: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident] From: grarpamp To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Cc: freebsd-hackers@freebsd.org, freebsd-hubs@freebsd.org, freebsd-security@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Nov 2012 05:59:56 -0000 >> joerg_wunsch@uriah.heep.sax.de > You don't even have a name Your domain indicates Germany, please have a chat with CCC.de about the various good uses for nyms. And consult your library for some fine historical use cases. If that's counter to your beliefs, you are free to show us the way and post all your personal infos to the list. > spamming a large number of FreeBSD mailinglists with your advocacy? This topic would benefit from the review and involvement of users (questions), committers (hackers), security (security), and distribution (hubs). > -- > Never trust an operating system you don't have sources for. ;-) As well summarized by this (your signature) ... sources you can't verify to the master are, also, sources you can't trust. >> fidaj@ukr.net > LOL And how will this help Linux? > http://lwn.net/Articles/457142/ How will what help Linux? Please quote a relevant snippet instead of the entire message. Seems pretty clear from the above link that having hashes/crypto as an intrinsic feature of the SCM tool does in fact help Linux. If you're asking about distribution of things traceable back to the master repo, at least your security officer can sign the initial repository commit and then include the various distribution keys and subsequent updates, signed tags, etc in the repo. >> utisoft@gmail.com > Yes, but git doesn't work with our workflow. There's usually a larger than head sized sandbox near everyone's local neighborhood. Will people elect to visit it, or to learn, grow, and change for the better? Prioe workflow is often forced by and derived from the tools being used. Different tools could enable different, more useful workflows. SVN required workflow change from CVS, people managed just fine. > It's been discussed several times I will look for these. Can you point to a couple main threads? > [git] ... is GPL btw FreeBSD does not include this sort-of-BSD licensed SCM tool in its base either... # https://svn.apache.org/repos/asf/subversion/trunk/LICENSE # ls /*bin/svn /usr/*bin/svn ls: No such file or directory But it does include this GPL licensed one... # http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/COPYING?revision=HEAD # ls /*bin/cvs /usr/*bin/cvs' /usr/bin/cvs And of course we have this in use as well... # perforce http://www.perforce.com/purchase/pricing-licensing So it seems license is not an obstacle to inclusion, and certainly not the use via ports, of any particular SCM with the FreeBSD project. >> rsimmons0@gmail.com > https://github.com/freebsd/ >> adrian@freebsd.org > You can look at what goes into the FreeBSD Git clone to get your > assurance that things aren't being snuck in. The same could be said for the CVS clone. Again... Any copy of something that is itself not verifiable provides no such assurance. > Those who want to use git can use it, right now. Honest. Yes, Git does seem to me to be leading the other distributed, hash based, SCM tools such as Hg. Thus Git is suggested. Yes, Git would fill the purpose. I only suggest Git, as to some other choices that use hashes (as usual, please verify with current releases)... https://en.wikipedia.org/wiki/Comparison_of_revision_control_software But this is not really about using Git in particular... These replies are all dodging around the base issue raised... - That FreeBSD has no verifiable source repo - Which is not only a problem for the repo itself, but for everything attempted to be spawned downstream off of that root (no verifiable distribution system/tools distributing that repo, etc). Sorry to reply to these sorts of replies this way, but please, this isn't a troll or a shed. No need to do that around the issue raised. Hash [ :-) ] it out and solve it. Why wait for a costlier breach? Why not provide the assurance beforehand? No better time than now. >> gmx@ross.cx > http://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cracking-of-kernelorg Yes, another good link outlining the issue.