From owner-freebsd-security@FreeBSD.ORG Mon Nov 19 13:18:02 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EBAEF174; Mon, 19 Nov 2012 13:18:02 +0000 (UTC) (envelope-from m.e.sanliturk@gmail.com) Received: from mail-vc0-f182.google.com (mail-vc0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id 416788FC14; Mon, 19 Nov 2012 13:18:01 +0000 (UTC) Received: by mail-vc0-f182.google.com with SMTP id fo13so6572038vcb.13 for ; Mon, 19 Nov 2012 05:18:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=e44nTj0gNhviH1QGqQQ1w/ZuGlBOwxAZDYMwbCG+9IM=; b=oyFr5jqUrVWtF3N7h5TfJBPCez3YfxtYaYp9KWzsgeGdd2069O7XwM/d29OaDChk6G pIsfpYMpMhBt70NcnENl+ld78O8OWaidBYBtL/j/7jbnoh/tMBzo8fWBHeZ872kU7gbO V++FhGnslTq3+SnVPpK1qwAkjYxJ/CoDHLg2IRpfzPnZ0wBfzQYD24JV7c/QkJ2Fbtol fAW/tmh9ZSAUFyXo7Lz9XRC1oQ1Kkm5o1LNdo0JG2OK9RG/glZJ+VvXgf7pHIzqQbeUD 99MPC/ysMQTqE1TiIz7bCMS2YC2+PrkfR1eHb5e4o/mOrf5Dxvfq4HmC6HjT37xtDkw+ i6cA== MIME-Version: 1.0 Received: by 10.58.161.113 with SMTP id xr17mr17169363veb.3.1353331081128; Mon, 19 Nov 2012 05:18:01 -0800 (PST) Received: by 10.58.218.35 with HTTP; Mon, 19 Nov 2012 05:18:01 -0800 (PST) In-Reply-To: References: <20121117221143.41c29ba2@nonamehost> <50AA2A6C.8060604@gmail.com> Date: Mon, 19 Nov 2012 05:18:01 -0800 Message-ID: Subject: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident] From: Mehmet Erol Sanliturk To: "C. P. Ghost" X-Mailman-Approved-At: Mon, 19 Nov 2012 13:29:04 +0000 Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-questions@freebsd.org, freebsd-security@freebsd.org, Volodymyr Kostyrko , Ivan Voras , freebsd-hackers@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2012 13:18:03 -0000 On Mon, Nov 19, 2012 at 5:10 AM, C. P. Ghost wrote: > On Mon, Nov 19, 2012 at 1:47 PM, Volodymyr Kostyrko > wrote: > > 19.11.2012 14:34, Ivan Voras wrote: > >> > >> On 17/11/2012 22:48, Chris Rees wrote: > >> > >>> (and is GPL btw) > >> > >> > >> Since we're discussing it, Mercurial is BSDL-ed, and apparently has > >> proper crypto signing using GPG: > >> > >> > >> > http://mercurial.selenic.com/wiki/FAQ#FAQ.2FTechnicalDetails.How_do_Mercurial_hashes_get_calculated.3F > > > > > > :%s/BSD/LGP/ > > > > http://mercurial.selenic.com/about/ > > Even if it was BSD licensed, Mercurial has a huge dependency: > Python; and Git is Perl-based. So neither of them is ideal, IMHO. > If at all, we'd need a lean and mean distributed SCM program > like Mercurial or Git, but written in C that we could add to base. > Any volunteers? > > -cpghost. > > -- > Cordula's Web. http://www.cordula.ws/ > http://mercurial.selenic.com/wiki/License http://selenic.com/hg/file/tip/COPYING http://mercurial.selenic.com/about/ "Mercurial is free software licensed under the terms of the GNU General Public License Version 2 or any later version." No one of them above mentions "BSD license" , or "dual license" , etc. Thank you very much . Mehmet Erol Sanliturk Similar projects