From: Daniel Mendler
Newsgroups: gmane.emacs.bugs
Subject: bug#61277: FR: ELPA security - Restrict package builds to signed git commits
Date: Sun, 12 Feb 2023 11:32:36 +0100
Message-ID: <23c855a2-4330-6da8-6a05-72f26e4ebc5b@daniel-mendler.de>
References: <87pmapqoo5.fsf@daniel-mendler.de>
To: Stefan Kangas, rms@gnu.org
Cc: 61277@debbugs.gnu.org, yantar92@posteo.net, monnier@iro.umontreal.ca

On 2/12/23 07:37, Stefan Kangas wrote:
>> Breach of precisely what? To think about this issue
>> requires an answer to that question.
>
> The idea is that the likelihood of both an SSH and a PGP key getting
> stolen at the same time is lower than either one of them getting stolen
> separately.

There could also be a breach on the server where the git repository is hosted. The repository could be manipulated directly on the server. It is not that likely, but if such incidents happen, they have a huge fallout. I also expect that more and more people move their :auto-sync'ed git repositories to private servers or smaller forges, which may not be as protected as the most popular ones.

Daniel
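The control the thread is asking for, as an added example rather than ELPA's own build code: a POSIX shell gate that refuses to build from a commit range unless every commit carries a valid GPG signature from an allow-listed key fingerprint, so a history rewritten directly on a compromised hosting server fails the build instead of being packaged. It assumes gpg on the build host can verify the signatures (maintainer public keys imported) and an allow-list file of fingerprints; the file path, function names and sample fingerprints are assumptions.

```shell
#!/bin/sh
# Added example (not ELPA's code): gate a package build on commit signatures.
# Path of the fingerprint allow-list is an assumption; one fingerprint per line.
TRUSTED_KEYS="${TRUSTED_KEYS:-/etc/elpa-build/trusted-fingerprints}"

# check_signed_commits reads "<sha> <status> <fingerprint>" lines, the shape
# produced by `git log --format='%H %G? %GF'`, and prints one verdict per commit.
# %G? is G (good, trusted key) or U (good, key validity unknown) for a valid
# signature; N (unsigned), E (cannot check), B (bad), X/Y/R (expired/revoked)
# are all rejected. U is accepted because the allow-list, not gpg's ownertrust,
# is the trust decision here. Returns 0 only if every commit passes.
check_signed_commits() {
    allowlist="$1"
    bad=0
    while IFS=' ' read -r sha status fpr; do
        [ -n "$sha" ] || continue
        case "$status" in
            G|U)
                if [ -n "$fpr" ] && grep -qxF -- "$fpr" "$allowlist"; then
                    echo "OK     $sha signed by $fpr"
                else
                    echo "REJECT $sha: valid signature but key '$fpr' not in allow-list"
                    bad=1
                fi ;;
            *)
                echo "REJECT $sha: signature status '$status' (need G or U)"
                bad=1 ;;
        esac
    done
    return $bad
}

# verify_range checks exactly the commits a build would pull in, e.g.
#   verify_range /srv/mirrors/pkg.git last-built-sha..origin/main
# A failing git command is a failure too, never a silent pass.
verify_range() {
    repo="$1"; range="$2"
    log=$(git -C "$repo" log --format='%H %G? %GF' "$range") || return 2
    printf '%s\n' "$log" | check_signed_commits "$TRUSTED_KEYS"
}

if [ "$#" -eq 2 ]; then
    verify_range "$1" "$2"
fi
```

Only the commits new since the last build need checking, which keeps the gate cheap; a repository whose history was rewritten on the server either loses the signatures or carries ones from keys outside the allow-list.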