[Qemu-devel] insecure git submodule URLs

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] insecure git submodule URLs

From:	Jann Horn
Subject:	[Qemu-devel] insecure git submodule URLs
Date:	Sun, 15 Jul 2018 21:50:42 +0200

Hi!

I noticed that when I build QEMU from git for the first time, it pulls
in submodules over the insecure git:// protocol - in other words, as
far as I can tell, if I'm e.g. on an open wifi network while building
QEMU for the first time, even if I cloned the main repository over
https, anyone could smuggle in malicious code as part of e.g. a
submodule's makefile.

I'm not sure what your preferred fix for this is, so I'm not sending a
patch yet. As far as I can tell, the two options are:

 - change .gitmodules to use https for everything
 - change .gitmodules to use relative URLs

If you want, I'll send a patch that does one of these, although it's
probably faster if you just do it yourselves.

Relative URLs would have the advantage that if someone is cloning from
a mirror (in other words, github), the submodules will also
automatically come from the same mirror.

As far as I can tell, the QEMU git server only supports the "dumb" git
protocol when accessed over HTTPS, not the "smart" protocol. I'm not
sure whether that might be why QEMU is currently still using the
insecure git protocol instead of git over HTTPS?

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] insecure git submodule URLs, Jann Horn <=
- Re: [Qemu-devel] insecure git submodule URLs, Peter Maydell, 2018/07/15
  - Re: [Qemu-devel] insecure git submodule URLs, Jann Horn, 2018/07/15

Prev by Date: [Qemu-devel] [RFC 1/2] arm: Add nRF51 GPIO peripheral
Next by Date: [Qemu-devel] [PULL 2/4] linux-user: convert remaining fcntl() to safe_fcntl()
Previous by thread: [Qemu-devel] [RFC 1/2] arm: Add nRF51 GPIO peripheral
Next by thread: Re: [Qemu-devel] insecure git submodule URLs
Index(es):
- Date
- Thread