On Thu, Oct 29, 2015 at 3:20 PM, Richard Hipp <[email protected]> wrote:
> On 10/29/15, Warren Young <[email protected]> wrote: > > > > I’ll bet there are a whole lot of people who would love to get some evil > > code into pretty much every smartphone in the world by hacking the SQLite > > code repo. > > > > That’s a powerful motivation. Don’t underestimate it. > > That might be difficult. > > (1) More is involved that just breaking the SHA1 artifact hashes. > Each check-in manifest also has a hash over all content of all files > in the R card. It's an MD5 hash, but that still means the attacker > would have to find replacement source code that (a) matched both SHA1 > and MD5 hashes and (b) was valid C code. Good luck with that. > Wait, so fossil is already doing what I suggested it could do (hashing the entire commit). Why is the R card optional? -- Scott Robison
_______________________________________________ fossil-users mailing list [email protected] http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
