[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #50810] Recommend secure transport (HTTPS) instead of git protocol

From: Sam Kuper
Subject: [bug #50810] Recommend secure transport (HTTPS) instead of git protocol for cloning Grub
Date: Sat, 15 Apr 2017 18:54:39 -0400 (EDT)
User-agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0


                 Summary: Recommend secure transport (HTTPS) instead of git
protocol for cloning Grub
                 Project: GNU GRUB
            Submitted by: sampablokuper
            Submitted on: Sat 15 Apr 2017 10:54:37 PM UTC
                Category: Documentation
                Severity: Major
                Priority: 5 - Normal
              Item Group: Documentation
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: Git master
         Reproducibility: Every Time
         Planned Release: None



The page https://www.gnu.org/software/grub/grub-download.html recommends
obtaining the latest GRUB source thus:

git clone git://git.savannah.gnu.org/grub.git

This should be changed to:

git clone https://git.savannah.gnu.org/git/grub.git


Why? Because HTTPS provides some chance of authenticity, integrity and
privacy, whereas the plain Git protocol provides none of those.

(Ideally, GRUB commits would be signed too. I have opened a separate action
request for that: https://savannah.gnu.org/bugs/index.php?50809 )


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]