RFE: use patchwork to submit a patch
Konstantin Ryabitsev
konstantin at linuxfoundation.org
Tue Oct 15 02:25:19 AEDT 2019
On Mon, Oct 14, 2019 at 11:28:59AM -0300, Mauro Carvalho Chehab wrote:
>Yeah, our current security model is based at the maintainer for
>him to do his duties, properly reviewing the patch.
>
>Yet, at the example that Daniel gave:
>
>Instead of:
>
> if ((permissions == allowed) && other_stuff) {
> do_things();
> }
> do_more_stuff(permissions);
>
>Patch was maliciously modified to:
>
> if ((permission == allowed) && other_stuff) {
> do_things();
> }
> do_more_stuff(permissions);
>
>I suspect that a change like that might sleep though the maintainer's
>review.
I submitted a proposal to the git list that would address this, but it
saw little uptake in the discussion:
https://public-inbox.org/git/20190910121324.GA6867@pure.paranoia.local/t/#u
To summarize it in brief, I suggested using minisign signatures and
git-tracked TOFU (trust on first use) databases. TOFU is not perfect,
but it's better than nothing at all, which is what we have right now.
-K
More information about the Patchwork
mailing list