
On 2013-12-14 15:43, Jason White wrote: [...]
contents, users generally don't change the former, and a version control system isn't a security tool designed to resist unexpected user behaviour. As
I disagree. Assuming you trust SHA1 (which is getting a bit long in the tooth), Git has end-to-end security: You can sign a tag with a GPG key and that tag points to a commit which can't be modified without changing its hash. The hash of the commit is dependent on all previous commits, so you can't change any of the previous commits either, without invalidating the signature. If it were possible for a user to clone a git repo and then have somebody edit a file in the working tree while maintaining the datestamp, git should be able to detect that, otherwise the entire security model breaks down.

-- 
Regards,
Matthew Cengia
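The hash chain this message describes, as an added example (not part of the original e-mail and not Git's own code): a Python sketch that recomputes Git object ids for blobs, flat trees and commits, then checks a history against the commit id a signed tag would name. The identity string, file names, contents and the `matches_signed_tip` helper are constructed for illustration; the GPG signature itself is not modelled.

```python
import hashlib

IDENT = "Example User <user@example.invalid> 1387000000 +0000"  # constructed

def object_id(kind, body):
    """Git names an object by SHA-1 over '<kind> <size>\\0' + body."""
    return hashlib.sha1(f"{kind} {len(body)}".encode() + b"\x00" + body).hexdigest()

def tree_id(files):
    """Flat tree of regular files (ASCII names): mode, name, NUL, raw blob id."""
    body = b"".join(
        b"100644 " + name.encode() + b"\x00" + bytes.fromhex(object_id("blob", data))
        for name, data in sorted(files.items())
    )
    return object_id("tree", body)

def commit_id(tree, parents, message):
    """A commit names its tree and its parent commits, so its id covers both."""
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {IDENT}", f"committer {IDENT}", "", message]
    return object_id("commit", ("\n".join(lines) + "\n").encode())

def history_ids(snapshots):
    """Commit ids for a linear history given as (files, message) pairs."""
    ids = []
    for files, message in snapshots:
        ids.append(commit_id(tree_id(files), ids[-1:], message))
    return ids

def matches_signed_tip(snapshots, signed_tip):
    """True only if the recomputed tip equals the id the signed tag names."""
    return history_ids(snapshots)[-1] == signed_tip

# Constructed two-commit history; the tag signature itself is not modelled.
HISTORY = [
    ({"README": b"hello world\n"}, "initial import"),
    ({"README": b"hello world\n", "build.sh": b"make all\n"}, "add build script"),
]
SIGNED_TIP = history_ids(HISTORY)[-1]

# The same history with one byte changed in the *first* commit's README.
TAMPERED = [({"README": b"hello w0rld\n"}, "initial import"), HISTORY[1]]

if __name__ == "__main__":
    for label, hist in (("original", HISTORY), ("tampered", TAMPERED)):
        print(label, history_ids(hist), matches_signed_tip(hist, SIGNED_TIP))
```

The tampered history ends with a tree identical to the original one, yet its tip id still differs, because the second commit embeds the id of the altered first commit as its parent.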