This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Notes from the version control BOF at the summit


fche@redhat.com (Frank Ch. Eigler) writes:

> Ian Lance Taylor <ian@wasabisystems.com> writes:
> 
> > [...]  Integrity checks and patch signing would be nice bonuses, but
> > they are not required.  gcc operates under social conventions, and
> > generally relies on trust within the community [...]
> 
> Sure, but consider the value of digital signatures in detection of
> repository corruption, and toward automated merging of patches without
> the necessity of handing out UNIX ssh logins to everyone.

For accidental repository corruption, we have backups.  For deliberate
repository corruption, digital signatures don't help, except to pin
down precisely who did it.

With regard to automated patch merging, as you know, we already hand
out SSH keys which are only permitted to run CVS.  I don't see that
digital signatures add any significant level of security to that.  In
general, I think we should require that any new version control system
be more secure than CVS, although admittedly I left that out of the
list.

Ian


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]