From: "Raghav Gururajan" via "Development of GNU Guix and the GNU System distribution." <guix-devel@gnu.org>
To: "Mark H Weaver" <mhw@netris.org>,
"Ryan Prior" <ryanprior@hey.com>,
"Danny Milosavljevic" <dannym@scratchpost.org>
Cc: Development of GNU Guix and the GNU System distribution <guix-devel@gnu.org>
Subject: Re: Cosmetic changes commits as a potential security risk (was Re: Questionable "cosmetic changes" commits)
Date: Sun, 20 Dec 2020 07:00:59 +0000 [thread overview]
Message-ID: <2551437cfcf96955702d3076715772f6@disroot.org> (raw)
In-Reply-To: <87pn3nn858.fsf@netris.org>

Hi Mark!

> Thanks for the explanation.
>
> Please keep in mind that every comment in Guix was deliberately put
> there by a Guix developer, which means that at least one developer
> thought the comment was worth including.
>
> I'm concerned that you felt so confident in your assessment that these
> comments were superfluous that you felt justified in removing them
> without telling anyone, let alone asking your mentors if they agreed.
>
> My larger concern is that these removals were effectively hidden within
> a commit that ostensibly only rearranged and reindented code.

My apologies, I should have mentioned it in the commit message. Anyway, I will refrain from removing any existing comments.

> It occurs to me that commits that rearrange or reindent code are a
> potential security risk, because they obscure other changes made within
> the same commit. Even developers who try to keep an eye on changes
> being made to Guix tend to simply *assume* that commits like these are
> what they claim to be, because it's too tedious to verify them.
>
> If we allow unannounced changes to be obscured within "cosmetic changes"
> commits without reprimand, we invite the future possibility of
> deliberate corruption of our code base via such commits, by attackers
> who have compromised our developers' machines or signing keys.

I see. I haven't thought about this, but will consider it.

Thanks!

Regards,
RG.
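Mark's point above is that a commit advertised as "reindent and rearrange" is hard to audit by eye, so reviewers tend to take it on trust. One mechanical check a reviewer can run is to compare the file before and after the commit as a multiset of whitespace-normalized lines: reindentation and moving lines around leave that multiset unchanged, while a deleted comment or an edited value shows up as a concrete difference. The following is an added example written for this page; it is not Guix code or a tool from the thread, and the package snippets it compares are constructed to illustrate the idea.

```python
from collections import Counter

# Constructed "before" version of a package definition (not real Guix code).
BEFORE = """\
(define-public foo
  (package
    (name "foo")
    ;; XXX: keep in sync with bar.
    (version "1.0")
    (synopsis "Foo")
    (license gpl3+)))
"""

# Reindented and with two fields swapped, but every line still present.
COSMETIC = """\
(define-public foo
 (package
  (synopsis "Foo")
  (name "foo")
  ;; XXX: keep in sync with bar.
  (version "1.0")
  (license gpl3+)))
"""

# Same cosmetic rewrite, but the comment quietly disappeared.
HIDDEN_REMOVAL = """\
(define-public foo
 (package
  (synopsis "Foo")
  (name "foo")
  (version "1.0")
  (license gpl3+)))
"""

# Same cosmetic rewrite, but the version string was also changed.
HIDDEN_EDIT = """\
(define-public foo
 (package
  (synopsis "Foo")
  (name "foo")
  ;; XXX: keep in sync with bar.
  (version "1.1")
  (license gpl3+)))
"""


def normalize(line: str) -> str:
    """Strip indentation and squeeze internal whitespace runs to one space.

    Reindentation and alignment changes then compare equal, while token
    boundaries are preserved ('foo bar' stays distinct from 'foobar')."""
    return " ".join(line.split())


def hidden_changes(before: str, after: str):
    """Compare two file versions as multisets of normalized non-blank lines.

    Reordering and reindenting leave the multisets equal, so anything
    returned in (removed, added) is a change the commit did not advertise.
    """
    old = Counter(normalize(l) for l in before.splitlines() if l.strip())
    new = Counter(normalize(l) for l in after.splitlines() if l.strip())
    removed = sorted((old - new).elements())   # lines only in the old version
    added = sorted((new - old).elements())     # lines only in the new version
    return removed, added


def is_cosmetic(before: str, after: str) -> bool:
    """True when the rewrite touched nothing but whitespace and line order."""
    removed, added = hidden_changes(before, after)
    return not removed and not added


if __name__ == "__main__":
    for label, after in (("cosmetic", COSMETIC),
                         ("hidden removal", HIDDEN_REMOVAL),
                         ("hidden edit", HIDDEN_EDIT)):
        removed, added = hidden_changes(BEFORE, after)
        verdict = "OK" if not removed and not added else "REVIEW"
        print(f"{label:15s} {verdict}  removed={removed} added={added}")
```

To apply this to a real commit, feed it the two versions of each touched file (for example the output of `git show REV^:PATH` and `git show REV:PATH`). The check is deliberately conservative: a line that was split in two or joined with its neighbour is reported as a change even though it may be harmless, which is the right direction for a triage filter whose job is to decide which "cosmetic" commits deserve a human look. It is also only a filter, not a proof: lines that were moved are not checked for having landed in a semantically valid place, so `git diff -w` and a normal review still have their role.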