Killing plaintext git:// in favor of https:// cloning
Jason A. Donenfeld
Jason at zx2c4.com
Tue Feb 23 06:05:12 CET 2016
On Mon, Feb 22, 2016 at 9:43 PM, Joe Anakata
<jea-signup-cgit at anakata.org> wrote:
> (Also it was mentioned this would only work for people making a fresh
> clone; anyone with an existing clone would almost certainly know
> something was up.)
No, definitely a MITM attack is feasible that would be fast
forwardable just fine for a pull onto an existing repo.
> Also there is the issue of the book reference, which is hard to
> change. Though, for this, you could just have a dummy server which
> redirects people, something which is essentially:
> nc -l -p 9418 -c "echo -n 002AERR please use https://foo.bar/foo.git"
Right, this is exactly what I wound up doing, except much higher
performance using epoll:
I haven't decided whether or not to deploy it, but the code is there.
> (Of course, someone could still MITM *that*.
Right. But the idea, anyhow, would just be to let the readers of the
book know what's up, rather than leaving them in the dark.
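The dummy-server idea discussed above (answer every git:// connection with a single ERR pkt-line that points readers at the https:// URL), written out as an added example; this is not the author's epoll server, just a small Python sketch on the stdlib selectors module (which is epoll-backed on Linux). The host, port and message strings are placeholders taken from the quoted nc one-liner.

```python
import selectors
import socket

# Largest payload a single git pkt-line may carry (65524 bytes including the header).
MAX_PKT_PAYLOAD = 65520


def pkt_line(payload: bytes) -> bytes:
    """Frame payload as a git pkt-line: 4 lowercase hex digits of the total
    length (header included), followed by the payload bytes."""
    if len(payload) > MAX_PKT_PAYLOAD:
        raise ValueError("pkt-line payload too large")
    return b"%04x" % (len(payload) + 4) + payload


def err_pkt(message: str) -> bytes:
    """Build the ERR pkt-line; a git client prints the text and aborts.
    "002A..." in the quoted nc command is the same 42-byte frame in uppercase hex."""
    return pkt_line(b"ERR " + message.encode())


def parse_pkt_line(data: bytes):
    """Inverse of pkt_line: (payload, rest), or (None, data) if incomplete.
    "0000" is the flush-pkt and yields an empty payload."""
    if len(data) < 4:
        return None, data
    total = int(data[:4], 16)
    if total == 0:
        return b"", data[4:]
    if total < 4 or len(data) < total:
        return None, data
    return data[4:total], data[total:]


def serve_redirect(host: str, port: int, message: str) -> None:
    """Accept connections on the git port and answer each with one ERR
    pkt-line, then close; the client's request line is never read."""
    reply = err_pkt(message)
    sel = selectors.DefaultSelector()  # EpollSelector on Linux
    with socket.socket() as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(128)
        srv.setblocking(False)
        sel.register(srv, selectors.EVENT_READ)
        while True:
            for key, _ in sel.select():
                conn, _ = key.fileobj.accept()
                with conn:
                    conn.sendall(reply)


if __name__ == "__main__":
    serve_redirect("0.0.0.0", 9418, "please use https://foo.bar/foo.git")  # placeholder URL
```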