[cryptography] kernel.org hack and kernel integrity

James A. Donald jamesd at echeque.com
Sat Sep 3 04:04:18 EDT 2011


On 2011-09-03 12:19 PM, Jeffrey Walton wrote:
> Am I the only guy who finds the kernel integrity assurances suspect [1]:
>
>      However, it's also useful to note that the potential damage of cracking
>      kernel.org is far less than typical software repositories. That's because
>      kernel development takes place using the git distributed revision control
>      system, designed by Linus Torvalds. For each of the nearly 40,000 files
>      in the Linux kernel, a cryptographically secure SHA-1 hash is calculated
>      to uniquely define the exact contents of that file.
>
> I did see the claims that git had security related design goals
> (wikipedia). Unfortunately, the wikipedia reference points to a
> Torvalds talk at Google where he claims "security is distributed. and
> I trust 5, 10, 0r 15 developers [sic]" [2] (among his other ramblings
> and bashings). So it's not clear to me how Torvalds trust a few people,
> therefore integrity is assured.

Torvalds trusts some people, each of whom trusts some more people - but
he also trusts them to check the code.

Suppose that there is a bad apple.  The bad apple can socially engineer 
his code into the source tree by leveraging his relationships, but in so 
doing, if he gets caught, will burn those relationships.
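
Added example (not part of the original post or of git's own code): the per-file SHA-1 that the article quoted above refers to, computed the way git names a blob, and extended one step further to a tree object so that a change to any file changes the directory's ID as well. The file names and contents are constructed, and the tree is assumed to be a flat directory of regular files (mode 100644).

```python
import hashlib


def git_object_id(obj_type: str, body: bytes) -> str:
    """SHA-1 over '<type> <size>\\0' + body, which is how git names an object."""
    header = f"{obj_type} {len(body)}\0".encode()
    return hashlib.sha1(header + body).hexdigest()


def blob_id(content: bytes) -> str:
    """ID of one file's contents (what `git hash-object` reports)."""
    return git_object_id("blob", content)


def tree_id(files: dict) -> str:
    """ID of a flat directory: entries sorted by name, each holding the
    raw 20-byte blob ID, so the tree ID commits to every file in it."""
    body = b""
    for name in sorted(files, key=lambda n: n.encode()):
        body += b"100644 " + name.encode() + b"\0"
        body += bytes.fromhex(blob_id(files[name]))
    return git_object_id("tree", body)


def changed_files(trusted: dict, candidate: dict) -> list:
    """Names whose blob ID differs between a trusted copy and a candidate."""
    def ident(tree, name):
        return blob_id(tree[name]) if name in tree else None
    names = set(trusted) | set(candidate)
    return sorted(n for n in names if ident(trusted, n) != ident(candidate, n))


# Constructed sample: a trusted checkout and a copy with one file altered.
TRUSTED = {
    "Makefile": b"all:\n\tcc -o demo demo.c\n",
    "README": b"hello world\n",
    "demo.c": b"int main(void) { return 0; }\n",
}
TAMPERED = dict(TRUSTED, **{"demo.c": b"int main(void) { return 1; }\n"})

if __name__ == "__main__":
    print("trusted tree :", tree_id(TRUSTED))
    print("tampered tree:", tree_id(TAMPERED))
    print("changed      :", changed_files(TRUSTED, TAMPERED))
```

The comparison only tells you something if the trusted ID came from a copy the server compromise could not have touched, such as a developer's own clone.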



