Matthew Cengia <[email protected]> writes: > On 2013-12-14 15:43, Jason White wrote: > [...] >> contents, users generally don't change the former, and a version >> control system isn't a security tool designed to resist unexpected >> user behaviour. As > > I disagree. Assuming you trust SHA1 (which is getting a bit long in > the tooth), Git has end-to-end security: You can sign a tag with a GPG > key and that tag points to a commit which can't be modified without > changing its hash. The hash of the commit is dependent on all previous > commits, so you can't change any of the previous commits either, > without invalidating the signature. If it were possible for a user to > clone a git repo and then have somebody edit a file in the working > tree while maintaining the datestamp, git should be able to detect > that, otherwise the entire security model breaks down.
See also https://en.wikipedia.org/wiki/Monotone_(software) _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
