Thus said Dömötör Gulyás on Sun, 01 Jun 2014 12:56:41 +0200:
> An interesting scenario, what is there to be learned from it for
> fossil? Since fossil doesn't like history rewrites, are we protected
> to some degree from falsified commits? With or without PGP signing?

By way of speculation... I'm not sure this would actually work or leave
little to no trace of what happened, but it does seem like it's within the
realm of possibility. If someone is concerned, they can try to do it with a
test repository and report.

Someone with regular commit access could use the --user-override option to
check in as someone else:

    fossil user new targetuser
    fossil ci --user-override targetuser -m 'Innocuous commit'

Make a few other regular commits as yourself. Then convince the target to
pull from your repository using a clone username that matches this new
target username. If you're lucky he won't notice the extra commit made by
you with his user.

After he pulls, discard your .fossil to which you made the nefarious commit
(you'll get it back after he pushes to the public repository). If he doesn't
notice, the next time he pushes to the public repository from his clone, in
goes your nefarious change.

As far as the public is concerned (for whatever definition of public applies
to the project), I believe this checkin will now appear to have come from the
target user and leave no trace of the originator on the public repository.
There still will be a trace in the target user's repository to which it was
pulled, so you will need to convince him to delete his clone to be certain.

Again, this is all speculation based upon how I understand Fossil to work,
so it may be harder than presented here. Or I may simply be mistaken.

If PGP commit signing is in use, then I see little possibility for this
actually being successfully effected at all. The worst that could happen is
that the target user merges in something and signs the checkin for that
merge; however, Fossil still retains the original commit information.
I don't know enough about Git to know whether or not the horror story is
even possible. I do know that tracking down changes in git is a horror story
of its own. :-)

Andy
-- 
TAI64 timestamp: 40000000538bf92f

_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
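The rehearsal the message invites ("try to do it with a test repository and report"), as an added example: this script is not part of the original post and is not Fossil's own documentation or code. It assumes a `fossil` binary on PATH and uses constructed names (an attacker "mallory", the victim "targetuser", an upstream admin "admin", and a shared "public.fossil") inside a throwaway mktemp directory. It runs the three-repository sequence from the message (attacker clone with the spoofed check-in, victim clone that pulls from it and pushes upstream) and then prints what the public repository records for that check-in: the timeline line, the `U` card of the manifest, and the `rcvfrom` rows. Those printouts are for the reader to inspect; the script does not assert the message's speculation about what trace remains.

```shell
#!/bin/sh
# Added example (not from the original post): rehearse the --user-override
# scenario in throwaway repositories. Names mallory, targetuser, admin and
# public.fossil are constructed for this test.
set -u

# Run a command with stdout silenced; report the command on failure.
need() { "$@" >/dev/null || { echo "failed: $*" >&2; return 1; }; }

# Returns 0 on success, 1 on failure, 2 when fossil is not installed.
# Leaves PUBLIC_LINE (timeline entry) and MANIFEST_USER (U card) set.
run_scenario() {
    command -v fossil >/dev/null 2>&1 || { echo "fossil not installed; skipping"; return 2; }
    start=$PWD
    work=$(mktemp -d) || return 1
    pub="file://$work/public.fossil"

    # The shared ("public") repository, administered by a third party.
    need fossil init -A admin "$work/public.fossil" || return 1

    # Mallory clones it, creates the victim's username in her clone, checks
    # in once as that user and once as herself. Autosync is off so nothing
    # reaches the public repository yet.
    need fossil clone -A mallory "$pub" "$work/mallory.fossil" || return 1
    mkdir "$work/mallory" && cd "$work/mallory" || return 1
    need fossil open "$work/mallory.fossil" || return 1
    need fossil settings autosync off || return 1
    need fossil user default mallory || return 1
    need fossil user new targetuser target@example.invalid secret || return 1
    echo 'harmless looking change' > innocuous.txt
    need fossil add innocuous.txt || return 1
    need fossil commit --user-override targetuser --no-warnings -m 'Innocuous commit' || return 1
    echo 'ordinary change' > regular.txt
    need fossil add regular.txt || return 1
    need fossil commit --no-warnings -m 'Regular commit' || return 1

    # The victim clones the public repository under her own name, is talked
    # into pulling from Mallory's repository, then pushes upstream as usual.
    need fossil clone -A targetuser "$pub" "$work/target.fossil" || return 1
    mkdir "$work/target" && cd "$work/target" || return 1
    need fossil open "$work/target.fossil" || return 1
    need fossil settings autosync off || return 1
    need fossil user default targetuser || return 1
    need fossil pull --once "file://$work/mallory.fossil" || return 1
    need fossil push --once "$pub" || return 1
    cd "$start" || return 1

    # What the public repository now holds for the spoofed check-in.
    PUBLIC_LINE=$(fossil timeline -R "$work/public.fossil" -n 50 | grep 'Innocuous commit') || return 1
    hash=$(printf '%s\n' "$PUBLIC_LINE" | sed -n 's/.*\[\([0-9a-f]*\)\].*/\1/p')
    MANIFEST_USER=$(fossil artifact "$hash" -R "$work/public.fossil" | grep '^U ') || return 1
    echo "public timeline : $PUBLIC_LINE"
    echo "manifest U card : $MANIFEST_USER"
    echo "rcvfrom rows in public repo (which login delivered artifacts, from where):"
    fossil sql -R "$work/public.fossil" \
        "select r.rcvid, u.login, r.ipaddr from rcvfrom r left join user u on u.uid = r.uid" \
        || echo "  (rcvfrom query not available with this fossil build)"
    echo "scratch directory kept for inspection: $work"
    return 0
}

run_scenario; SCENARIO_RC=$?
```

Run it as `sh spoof-rehearsal.sh`. The `U` card is what the artifact itself carries; the `rcvfrom` table is the per-repository receipt log the message refers to as the trace left in the pulling user's clone, so compare that query's output across `mallory.fossil`, `target.fossil` and `public.fossil` in the kept scratch directory.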