Hacker News new | past | comments | ask | show | jobs | submit login

Git commit hashes are pretty safe.



To verify old hashes, with a backup. But anyone with access can just push a new commit with an arbitrary author field. Without code signing it'd be very difficult to tell who actually pushed it. (Probably GitHub has logs you could check, but if the attacker could get on the corporate network it'd just be a NAT IP, and more sophisticated attackers can spoof or MITM)


Aren't they changing the hash algorithm specifically because they're no longer safe?


Theoretically no longer safe, but to insert a compromise commit matching another one that looks like normal code is close to impossible.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: