User: Password:
|
|
Subscribe / Log in / New account

Linux malware: an incident and some solutions

Linux malware: an incident and some solutions

Posted Dec 25, 2009 18:15 UTC (Fri) by smurf (subscriber, #17840)
Parent article: Linux malware: an incident and some solutions

>> It's easy for anyone with shell access to the svn server
>> to go back and change someone else's past commit

That's a SVN problem. With git, such a change would have to be propagated through the whole subsequent commit history. This would be immediately visible to anybody who re-syncs their git archive and then looks at the resulting merge tree. Not a perfect solution, but good enough; anyway, git also supports gpg-signed tags, which _are_ as perfect as one can get.

The other distributed VCSes offer similar integrity features. But then, SVN is no _distributed_ VCS.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds