Date: Sat, 17 Nov 2012 21:48:11 +0000 From: Chris Rees <utisoft@gmail.com> To: Michael Ross <gmx@ross.cx> Cc: Ivan Klymenko <fidaj@ukr.net>, freebsd-hackers@freebsd.org, freebsd-hubs@freebsd.org, freebsd-questions@freebsd.org, freebsd-security@freebsd.org, grarpamp <grarpamp@gmail.com> Subject: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident] Message-ID: <CADLo838oG26KmfHJ%2BtLh82GoJzzRtfqy69%2BNny1_DC8F8X4POQ@mail.gmail.com> In-Reply-To: <op.wnxq9eo0g7njmm@michael-think> References: <CAD2Ti29UoFcHendR8CcdQ4FPNW1HH0O47B1i3JW00Lke2m2POg@mail.gmail.com> <20121117221143.41c29ba2@nonamehost> <op.wnxq9eo0g7njmm@michael-think>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17 Nov 2012 21:00, "Michael Ross" <gmx@ross.cx> wrote: > > On Sat, 17 Nov 2012 21:11:43 +0100, Ivan Klymenko <fidaj@ukr.net> wrote: > >> =D0=92 Sat, 17 Nov 2012 15:00:06 -0500 >> grarpamp <grarpamp@gmail.com> =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >> >>> http://www.freebsd.org/news/2012-compromise.html >>> http://it.slashdot.org/story/12/11/17/143219/freebsd-project-discloses-secu= rity-breach-via-stolen-ssh-key >>> >>> This is not about this incident, but about why major opensource >>> projects need to be using a repository that has traceable, verifiable, >>> built-in cryptographic authentication. >>> > >> LOL And how will this help Linux? >> http://lwn.net/Articles/457142/ > > > In the first comment on the article you link to, you find this: > > http://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cra= cking-of-kernelorg > > where the OPs view is susbstantiated. Yes, but git doesn't work with our workflow. It's been discussed several times, and changing to a tool that doesn't work for us (and is GPL btw) is no good at all. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo838oG26KmfHJ%2BtLh82GoJzzRtfqy69%2BNny1_DC8F8X4POQ>