Handover, Make
First, congratulations Junio, on taking over this stuff, and all the best. Second, the killer argument, in the 'Recursive Make ... harmful' is the basic one that Recursive Makes breaks up the dependancy graph, and almost guarentees that it is wrong unless you do a lot of work to fix that artifact. Now git is small enough that make clean; make won't take too long but git is also a basis for other layers, so there is good reason to try to get it right. -- mit freundlichen Grüßen, Brian. - To unsubscribe from this list: send the line unsubscribe git in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: SHA1 hash safety
Three points: (1) I _have_ seen real-life collisions with MD5, in the context of Document management systems containing ~10^6 ms-WORD documents. (2) The HMAC (ethernet-harware-address) of any interface _should_ help to make a unique Id. (3) While I havn't looked at the details of the plumbing, this is the time to make sure we can, easily, drop in SHA-160, SHA-256 (or whatever comes from NIST) when needed. David Lang wrote: On Sat, 16 Apr 2005, Ingo Molnar wrote: * David Lang [EMAIL PROTECTED] wrote: this issue was raised a few days ago in the context of someone tampering with the files and it was decided that the extra checks were good enough to prevent this (at least for now), but what about accidental collisions? if I am understanding things right the objects get saved in the filesystem in filenames that are the SHA1 hash. of two legitimate files have the same hash I don't see any way for both of them to exist. yes the risk of any two files having the same has is low, but in the earlier thread someone chimed in and said that they had two files on their system that had the same hash.. you can add -DCOLLISION_CHECK to Makefile:CFLAGS to turn on collision checking (disabled currently). If there indeed exist two files that have different content but the same hash, could someone send those two files? remember that the flap over SHA1 being 'broken' a couple weeks ago was not from researchers finding multiple files with the same hash, but finding that it was more likly then expected that files would have the same hash. there was qa discussion on LKML within the last year about useing MD5 hashes for identifying unique filesystem blocks (with the idea of being able to merge identical blocks) and in that discussion it was pointed out that collisions are a known real-life issue. so if collision detection is turned on in git, does that make it error out if it runs into a second file with the same hash, or does it do something else? David Lang -- Brian - To unsubscribe from this list: send the line unsubscribe git in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: fix mktemp (remove mktemp ;)
No, you have to: (a) create a unique, pid specific file name /var/tmp/myapp.$$.xyzzy (b) create it in O_EXCL mode, so you wont smash another's held lock (b-1) It worked, OK (b-2) open failed, try ...xyzzz repeat until (b-1) There are thousands of examples of how to do this with bash. Paul Jackson wrote: Dave wrote: mktemp is being used here to provide randomness in the filename, not just a uniqueness. Ok - useful point. How about: t=${TMPDIR:-/usr/tmp}/gitdiff.$$.$RANDOM all an attacker has to do is create 65535 symlinks in /usr/tmp the point of the xyzzy seed is to make creating all possible files in-feasable. And how about if I removed the tmp files at the top: t=${TMPDIR:-/usr/tmp}/gitdiff.$$.$RANDOM trap 'rm -fr $t.?; trap 0; exit 0' 0 1 2 3 15 rm -fr $t.? ... rest of script ... How close does that come to providing the same level of safety, while remaining portable over a wider range of systems, and not requiring that a separate command be forked? I'd suggest fixing your distributions ... It's not just my distro; it's the distros of all git users. If apps can avoid depending on inessential details of their environment, that's friendlier to all concerned. And actually my distro is fine - it's just that I am running an old version of it on one of my systems. Newer versions of the mktemp -t option. -- mit freundlichen Grüßen, Brian. Dr. Brian O'Mahoney Mobile +41 (0)79 334 8035 Email: [EMAIL PROTECTED] Bleicherstrasse 25, CH-8953 Dietikon, Switzerland PGP Key fingerprint = 33 41 A2 DE 35 7C CE 5D F5 14 39 C9 6D 38 56 D5 - To unsubscribe from this list: send the line unsubscribe git in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html