public inbox for git@vger.kernel.org 
From: Junio C Hamano <gitster@pobox•com>
To: Holger Hellmuth <hellmuth@ira•uka.de>
Cc: "Ævar Arnfjörð Bjarmason" <avarab@gmail•com>,
	"Neal Kreitzinger" <nkreitzinger@gmail•com>,
	"Barry Roberts" <blr@robertsr•us>, git <git@vger•kernel.org>
Subject: Re: Replacing large blobs in git history
Date: Thu, 08 Mar 2012 13:22:57 -0800
Message-ID: <7vy5rabxe6.fsf@alter.siamese.dyndns.org>
In-Reply-To: <4F58D2CD.2050502@ira.uka.de> (Holger Hellmuth's message of "Thu, 08 Mar 2012 16:39:57 +0100")

Holger Hellmuth <hellmuth@ira•uka.de> writes:

> On 07.03.2012 22:27, Ævar Arnfjörð Bjarmason wrote:
>> Does something other than git-fsck actually check whether the
>> collection of blobs you're getting from the remote when you clone have
>> sensible sha1's?
>>
>> What'll happen if he replaces that 550MB blob with a 0 byte blob but
>> hacks the object store so that it pretends to have the same sha1?
>
> This is something I tested once because of security concerns
> (i.e. what happens if a malicious intruder just drops something else
> into the object store) and if I remember correctly only git-fsck was
> able to spot the switch. But I didn't test cloning, only a few local
> operations.

Local operations that do not have to look at such a corrupt blob will
not verify everything under the sun every time for obvious reasons.

An operation to transfer objects out of the repository (e.g. serving
as the source of "clone" from elsewhere) will notice when it has to
send such a corrupt object and you will be prevented from spreading
the damage.

The same thing for a transfer in the reverse direction. When the
other side tells us that it is giving us everything we asked, we
still look at all the objects we received to make sure.
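
The name-versus-content check this thread is about, as an added example that is not part of the original message and is not git's own code. It assumes a SHA-1 repository and loose (unpacked) objects only; the function names and the sample object store are constructed for illustration.

```python
import hashlib
import os
import tempfile
import zlib


def serialize(obj_type: str, content: bytes) -> bytes:
    """Bytes git hashes and stores for an object: '<type> <size>' NUL content."""
    return f"{obj_type} {len(content)}".encode() + b"\0" + content


def object_id(obj_type: str, content: bytes) -> str:
    """Object name in a SHA-1 repository."""
    return hashlib.sha1(serialize(obj_type, content)).hexdigest()


def write_loose(objects_dir: str, name: str, obj_type: str, content: bytes) -> None:
    """File content under a caller-chosen name, so the demo can plant a mismatch."""
    os.makedirs(os.path.join(objects_dir, name[:2]), exist_ok=True)
    with open(os.path.join(objects_dir, name[:2], name[2:]), "wb") as fh:
        fh.write(zlib.compress(serialize(obj_type, content)))


def find_mismatched(objects_dir: str) -> list:
    """Names of loose objects whose stored bytes do not hash to their file name."""
    bad = []
    for fan in sorted(os.listdir(objects_dir)):
        fan_dir = os.path.join(objects_dir, fan)
        if len(fan) != 2 or not os.path.isdir(fan_dir):
            continue  # pack/ and info/ hold no loose objects
        for rest in sorted(os.listdir(fan_dir)):
            with open(os.path.join(fan_dir, rest), "rb") as fh:
                data = fh.read()
            try:
                actual = hashlib.sha1(zlib.decompress(data)).hexdigest()
            except zlib.error:
                actual = None  # not even a valid zlib stream
            if actual != fan + rest:
                bad.append(fan + rest)
    return bad


def demo() -> list:
    """Constructed store: one intact blob, one empty blob filed under another name."""
    with tempfile.TemporaryDirectory() as objects_dir:
        good = b"hello\n"
        write_loose(objects_dir, object_id("blob", good), "blob", good)
        big_name = object_id("blob", b"x" * 4096)  # stands in for the large blob
        write_loose(objects_dir, big_name, "blob", b"")  # zero bytes, same name
        return find_mismatched(objects_dir)
```

`demo()` reports only the swapped object; the intact blob passes because its stored bytes still hash to its file name.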

Thread overview: 6+ messages
2012-03-06 16:09 Replacing large blobs in git history Barry Roberts
2012-03-06 20:49 ` Neal Kreitzinger
2012-03-07 21:27   ` Ævar Arnfjörð Bjarmason
2012-03-08 15:39     ` Holger Hellmuth
2012-03-08 21:22       ` Junio C Hamano [this message]
2012-03-07  9:04 ` Michael Haggerty