The latest git SHA1 sum is not enough to check. The interesting part for intrude... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

beza1e1 on Sept 1, 2011 | parent | context | favorite | on: Why the Linux kernel is hardly at risk

The latest git SHA1 sum is not enough to check. The interesting part for intruders are "grafts":

"Graft points or grafts enable two otherwise different lines of development to be joined together. It works by letting users record fake ancestry information for commits." https://git.wiki.kernel.org/index.php/GraftPoint

Still easy to check though. ;)

lloeki on Sept 1, 2011 [–]

IIRC grafts are local and not propagated by clone/push/fetch. Replacements via git-replace(1) are, though.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact