[guardian-dev] good git practice to prevent injection of code
Hans-Christoph Steiner
hans at at.or.at
Sat Sep 3 16:47:53 EDT 2011
git and other decentralized code repositories can provide good
protection from the insertion of malicious code from outsiders, as
long as people using them pay attention to what's happening whenever
they are pulling new code. This blog post has a nice description of
that scenario, and also highlights the importance of making commits
readable as well as actually reading the commits that others are
pushing:
http://git-blame.blogspot.com/2011/08/how-to-inject-malicious-commit-to-git.html
And if you haven't already read it, I strongly recommend that all git
users read one of the git books, like Pro Git, to get a solid
understanding of how to use it and how it works. It will save you
lots of time in the long run
http://book.git-scm.com/
http://progit.org/book/
.hc
----------------------------------------------------------------------------
“We must become the change we want to see. - Mahatma Gandhi
More information about the Guardian-dev
mailing list