Open kaihendry opened 11 years ago
Add a check to verify the fetched git commit against https://github.com/Webconverger/webc/blob/master/root/.gnupg/pubring.gpg
The signing keys would be:
```
pub   1024D/64399BE2 2005-07-05
uid                  Kai Hendry <hendry@webconverger.com>
uid                  Kai Hendry <hendry@iki.fi>
sub   2048g/F3BDCC36 2005-07-05

pub   4096R/FAFE3F02 2012-02-18
uid                  Webconverger <staff@webconverger.com>
sub   4096R/A5A41D0F 2012-02-18
```
So I doubt going forward we can use the github pull request flow (to master), since the merge would ideally be signed too.
I'm also thinking that we should maybe have a toggle not to do the verification? Perhaps 'noverify' ?
Btw we use https://github.com/Webconverger/webc.git by default, so our security at present isn't bad. This would be icing on the cake.
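One way such a check could look, as an added example that is not part of the original issue and is not Webconverger code: it runs `git verify-commit --raw` against a GnuPG home holding only the project keyring, then requires the signer's full primary-key fingerprint to be on an allow-list. The fingerprints are constructed placeholders, and passing `noverify` in an option string is an assumption about how the proposed toggle would be delivered.

```shell
#!/bin/sh
# Added example, not Webconverger code. The fingerprints are constructed
# placeholders: replace them with the full fingerprints of the keys in pubring.gpg.
TRUSTED_FPRS="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"

# Read GnuPG status lines on stdin; succeed only if a VALIDSIG line names a
# trusted primary key. Field 12 is the primary-key fingerprint (it differs from
# field 3 when a subkey signed); older gpg omits it, so fall back to field 3.
signer_is_trusted() {
    fpr=$(awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" {
                   print (NF >= 12 ? $12 : $3); exit }')
    [ -n "$fpr" ] || return 1
    printf '%s\n' "$TRUSTED_FPRS" | grep -qxF "$fpr"
}

# Hypothetical opt-out: true when the option string contains the word "noverify".
verification_disabled() {
    case " $1 " in *" noverify "*) return 0 ;; *) return 1 ;; esac
}

# $1 repo dir, $2 commit, $3 GnuPG home holding only the project keyring,
# $4 option string (assumed to carry the proposed 'noverify' toggle).
verify_fetched_commit() {
    if verification_disabled "${4:-}"; then
        echo "warning: signature verification skipped (noverify)" >&2
        return 0
    fi
    # --raw prints the gpg status lines on stderr; git exits non-zero on a
    # bad or missing signature.
    status=$(GNUPGHOME="$3" git -C "$1" verify-commit --raw "$2" 2>&1 >/dev/null) \
        || return 1
    printf '%s\n' "$status" | signer_is_trusted
}

# Stand-alone use: sh verify.sh <repo> <commit> <gnupg-home> [options]
[ $# -lt 3 ] || verify_fetched_commit "$@"
```

Checking the fingerprint after `git verify-commit` matters because git only confirms that some key in the keyring made a good signature; the allow-list pins which keys are accepted.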