Skip to content

Commit

Permalink
Remove pointless warning
Browse files Browse the repository at this point in the history 
Any attacker who managed to make an evil commit that changed something in the
contrib/verify-commits/ directory could just as easily remove the warning
and/or modify it to not display the evil commits; telling the user to check
those commits specifically misleads them into checking just those commits
rather than the script itself.
  • Loading branch information
@petertodd
petertodd committed May 21, 2016
1 parent 9523e8a commit 22421fa
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions contrib/verify-commits/verify-commits.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,6 @@
DIR=$(dirname "$0")
[ "/${DIR#/}" != "$DIR" ] && DIR=$(dirname "$(pwd)/$0")

echo "Please verify all commits in the following list are not evil:"
git log "$DIR"

VERIFIED_ROOT=$(cat "${DIR}/trusted-git-root")
REVSIG_ALLOWED=$(cat "${DIR}/allow-revsig-commits")

Expand Down

0 comments on commit 22421fa

Please sign in to comment.