[tor-bugs] #8437 [EFF-HTTPS Everywhere]: Prevent invalid rules from being committed, or at leat warn when they are
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 8 23:52:12 UTC 2013
#8437: Prevent invalid rules from being committed, or at leat warn when they are
----------------------------------+-----------------------------------------
Reporter: schoen | Owner: pde
Type: task | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Changes (by pde):
* cc: Sebastian (added)
Comment:
Sebastian please correct me if I'm wrong about this, but it seems as
though the server side post-receive hook is the first time that the server
can inspect the rulesets, and that's too late to stop the commit from
going through.
Even aside from that, the most conceptually elegant way to audit rulesets
via git might be in the client-side pre-commit hook. But I don't know if
there's any practical way to get a hook script into hundreds of ruleset
authors' local repos [*].
Maybe there's a hook that you, Mike, Dan and I could use on the client
side that would prevent us from pushing broken stuff. But that's
inherently less productive than telling the people who wrote the buggy
rulesets that they were buggy.
[*] the Internet suggests the hack of cp'ing a git hook script into
.git/hooks from somewhere like the build script. But I think that the
ruleset authors who are failing to validate their rulesets probably aren't
running the build script either.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8437#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list