How secure are signed git tags? Especially since git uses SHA-1. There is conflicting information out there.
So if you verify a git tag (git tag -v tagname), then check out the tag and verify that git status reports no untracked or modified files, without any further manual review of the code, how secure is that really? Is it only as secure as SHA-1?
Let's assume an adversary who is able to produce SHA-1 collisions.
Git uses SHA-1 not for security
And it continues:
The security parts are elsewhere
Could you please elaborate on this? Where are the security parts? Could you briefly explain how they work? Where can I read more about this?
Nonetheless, without second preimage resistance of SHA-1 signed commits and tags would no longer secure the state of the repository as they only sign the root of a Merkle tree.
( preimage resistance | Merkle tree )
That contradicts what Linus Torvalds said. What does this mean for security? Which statement is true?
Sources:
The source control management system Git uses SHA-1 not for security but for ensuring that the data has not changed due to accidental corruption. Linus Torvalds has said, "If you have disk corruption, if you have DRAM corruption, if you have any kind of problems at all, Git will notice them. It's not a question of if, it's a guarantee. You can have people who try to be malicious. They won't succeed. [...] Nobody has been able to break SHA-1, but the point is the SHA-1, as far as Git is concerned, isn't even a security feature. It's purely a consistency check. The security parts are elsewhere, so a lot of people assume that since Git uses SHA-1 and SHA-1 is used for cryptographically secure stuff, they think that, OK, it's a huge security feature. It has nothing at all to do with security, it's just the best hash you can get. [...] I guarantee you, if you put your data in Git, you can trust the fact that five years later, after it was converted from your hard disk to DVD to whatever new technology and you copied it along, five years later you can verify that the data you get back out is the exact same data you put in. [...] One of the reasons I care is for the kernel, we had a break in on one of the BitKeeper sites where people tried to corrupt the kernel source code repositories."
Update:
I have a lengthy reply from Mike Gerwitz, the author of A Git Horror Story: Repository Integrity With Signed Commits:
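As an added illustration (not from the question, the quoted sources, or Mike Gerwitz's reply), here is a small Python model of git's object hashing that shows what a signed tag actually binds: the tag body names only a commit id, and that id is the root of the Merkle tree over the tree and blob objects. The object encodings are git's real ones (the blob id matches what git hash-object prints), while the author/tagger identities, file contents and helper names are constructed for this example, and the OpenPGP signature that git tag -v checks over the tag body is not modelled.

```python
import hashlib


def git_object_id(obj_type: str, body: bytes) -> str:
    """SHA-1 over 'type <size>\\0' + body, exactly as git names objects."""
    return hashlib.sha1(f"{obj_type} {len(body)}\0".encode() + body).hexdigest()


def blob_id(content: bytes) -> str:
    return git_object_id("blob", content)


def tree_id(entries: dict) -> str:
    """entries maps filename -> blob id. Each tree entry is 'mode name\\0' + raw 20-byte id."""
    body = b"".join(
        f"100644 {name}\0".encode() + bytes.fromhex(oid)
        for name, oid in sorted(entries.items())
    )
    return git_object_id("tree", body)


def commit_id(tree: str, message: str) -> str:
    # Author/committer lines are constructed sample values (git normally fills them in).
    body = (f"tree {tree}\nauthor A <a@example.invalid> 0 +0000\n"
            f"committer A <a@example.invalid> 0 +0000\n\n{message}\n").encode()
    return git_object_id("commit", body)


def tag_body(commit: str, name: str) -> bytes:
    """The bytes an OpenPGP signature covers for `git tag -s`: note it carries only the commit id."""
    return (f"object {commit}\ntype commit\ntag {name}\n"
            f"tagger A <a@example.invalid> 0 +0000\n\n{name}\n").encode()


def checkout_matches_tag(tag: bytes, files: dict, message: str = "release") -> bool:
    """Recompute the Merkle root from checked-out files and compare it with the id the tag names.

    Any change to a blob changes the tree id, hence the commit id, so the signed tag no
    longer points at it unless the attacker finds a second preimage for that SHA-1 value.
    """
    signed_commit = tag.split(b"\n", 1)[0].split(b" ")[1].decode()
    tree = tree_id({name: blob_id(data) for name, data in files.items()})
    return commit_id(tree, message) == signed_commit


# Constructed sample repository state and a tag body over its commit id.
FILES = {"README": b"hello\n", "main.c": b"int main(void){return 0;}\n"}
TAG = tag_body(commit_id(tree_id({n: blob_id(d) for n, d in FILES.items()}), "release"), "v1.0")
TAMPERED = dict(FILES, **{"main.c": b"int main(void){return 1;}\n"})
```

Running checkout_matches_tag(TAG, FILES) returns True while checkout_matches_tag(TAG, TAMPERED) returns False, which is the chain that git tag -v plus a clean git status relies on.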