Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262220AbVDXB3u (ORCPT ); Sat, 23 Apr 2005 21:29:50 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262221AbVDXB3u (ORCPT ); Sat, 23 Apr 2005 21:29:50 -0400 Received: from quechua.inka.de ([193.197.184.2]:28629 "EHLO mail.inka.de") by vger.kernel.org with ESMTP id S262220AbVDXB3s (ORCPT ); Sat, 23 Apr 2005 21:29:48 -0400 From: Bernd Eckenfels To: linux-kernel@vger.kernel.org Subject: Re: more git updates.. Organization: Private Site running Debian GNU/Linux In-Reply-To: <20050423174227.51360d63.pj@sgi.com> X-Newsgroups: ka.lists.linux.kernel User-Agent: tin/1.7.8-20050315 ("Scalpay") (UNIX) (Linux/2.6.8.1 (i686)) Message-Id: Date: Sun, 24 Apr 2005 03:29:43 +0200 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 889 Lines: 22 In article <20050423174227.51360d63.pj@sgi.com> you wrote: > If something is likely to happen less than once in a billion years, > then for all practical purposes, it won't happen. Of course there are colliding files already available and easyly generate-able. So a malicous attack is already possible. Which is especially nasty because one can proof GIT obeject file system is broken. However I dont think it is a problem for Linux Source Control purpose, ever. However using a combined hash might be a good idea, here. So you silence the critics since they have no eploit samples handy. :) Or at least go with FIPS 180-2. Greetings Bernd - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/