[MERGE] [0.90] Disable patch verification (broken for CRLF files)
Aaron Bentley
aaron.bentley at utoronto.ca
Mon Aug 13 18:44:15 BST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
James Westby wrote:
> On (13/08/07 11:45), John Arbash Meinel wrote:
>> The chance of exploiting the change is pretty minimal, will only be
>> exposed for about 1 month, and is a lot less disruptive than preventing
>> bundles completely.
For merge, this prevents a warning that patch verification failed.
While it's true that users could just ignore the warning, I don't want
users to ever ignore this warning.
Pull will refuse to operate on a merge directive whose patch can't be
verified.
The reason for the difference is that merge requires a commit, so users
can choose to revert instead. Pull has no such confirmation step.
> I'm uneasy about opening up a known hole, but yes the alternative is
> worse in this case.
>
> There is another option however, that a fix is implemented that does not
> open the hole. I assume that is too costly for this stage in the
> release, if so then we should go for the least bad option.
As I said, the fix appeared simple, but I ran into problems testing it.
I'm not sure whether the problems were with the fix or with the test.
I am not going to be able to deliver a fix for tomorrow, but I did
commit to getting a fix in time for 0.91. It will be a high priority.
Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGwJhv0F+nu1YWqI0RAvCzAKCAdRx1GokQeYcLR8I5SRV+QIF+8wCdFVSN
7D5IolEdaivlEqY4ygP/3Pw=
=o7G3
-----END PGP SIGNATURE-----
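To make the policy argued above concrete, here is an added Python illustration (my own code, not bzr's implementation) of the check a merge directive carrier can run: the human-readable preview patch is regenerated from the base text and the bundled result, and any byte-level difference means the patch cannot be vouched for. The thread does not say why CRLF files break the real verifier; the `keepends=False` generator below is a constructed stand-in that loses the `\r` of CRLF line endings, which is enough to show why a mismatch appears only for CRLF content. `decide()` encodes the distinction in the mail: `merge` warns because a commit (and hence a revert) still stands between the user and the result, `pull` refuses because it has no confirmation step. Sample file contents are constructed.

```python
import difflib


def unified_patch(old, new, path, keepends=True):
    """Preview patch for one file.

    keepends=True keeps line endings verbatim, so CRLF lines stay CRLF.
    keepends=False is a hypothetical CRLF-unaware generator (assumption,
    not bzr's code): str.splitlines() drops the '\\r', so every line is
    re-terminated with a bare '\\n'.
    """
    if keepends:
        a, b = old.splitlines(True), new.splitlines(True)
    else:
        a = [line + '\n' for line in old.splitlines()]
        b = [line + '\n' for line in new.splitlines()]
    return ''.join(difflib.unified_diff(a, b, 'a/' + path, 'b/' + path))


def verify_patch(preview, base, bundled, path):
    """True only when the preview patch equals the one regenerated from the
    base text and the bundled revision, byte for byte.  Anything else, a
    stale preview or a line-ending mismatch, counts as unverifiable."""
    return preview == unified_patch(base, bundled, path, keepends=True)


def decide(command, verified):
    """Policy from the thread: merge may proceed with a warning because the
    user still has to commit and can revert; pull has no confirmation step,
    so it must refuse an unverifiable directive."""
    if verified:
        return 'proceed'
    if command == 'merge':
        return 'warn'
    if command == 'pull':
        return 'refuse'
    raise ValueError('unknown command: %r' % (command,))


# Constructed sample contents: the same edit on an LF file and a CRLF file.
BASE_LF = 'alpha\nbeta\n'
NEW_LF = 'alpha\nbeta\ngamma\n'
BASE_CRLF = 'alpha\r\nbeta\r\n'
NEW_CRLF = 'alpha\r\nbeta\r\ngamma\r\n'


def demo():
    """Returns (lf_ok, crlf_ok_buggy_generator, crlf_ok_correct_generator)."""
    lf_preview = unified_patch(BASE_LF, NEW_LF, 'f.txt', keepends=False)
    crlf_bad = unified_patch(BASE_CRLF, NEW_CRLF, 'f.txt', keepends=False)
    crlf_good = unified_patch(BASE_CRLF, NEW_CRLF, 'f.txt', keepends=True)
    return (
        verify_patch(lf_preview, BASE_LF, NEW_LF, 'f.txt'),
        verify_patch(crlf_bad, BASE_CRLF, NEW_CRLF, 'f.txt'),
        verify_patch(crlf_good, BASE_CRLF, NEW_CRLF, 'f.txt'),
    )


if __name__ == '__main__':
    lf_ok, crlf_bad_ok, crlf_good_ok = demo()
    print('LF file, CR-dropping generator:  verified=%s' % lf_ok)
    print('CRLF file, CR-dropping generator: verified=%s -> merge: %s, pull: %s'
          % (crlf_bad_ok, decide('merge', crlf_bad_ok), decide('pull', crlf_bad_ok)))
    print('CRLF file, exact generator:       verified=%s' % crlf_good_ok)
```

The point of keeping the comparison exact rather than normalising line endings on both sides is that the verifier is the only thing standing between the reviewer's eyes (the preview) and what actually lands in the branch (the bundle); loosening it to make CRLF files pass would also let a crafted directive slip an unreviewed change past `pull`. The right fix is in the generator, not the comparison.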