On Sun, Jul 20, 2025 at 4:19 PM Bruno Haible <[email protected]> wrote:
>
> Arsen Arsenović wrote:
> > The signature is not a signature of the author,
> > it's the signature of the committer.
>
> Oh, that explains why commit signing is useful in the Linux kernel project,
> - with the lieutenants and the subsystem maintainers, that commit and
>   forward patches from individual contributors,
> - with the pull requests between the various trees ("staging" etc.).
>
> Whereas here, in a project with a central repository and few, but
> well-behaved committers, it would be a pointless hassle.
Savannah infrastructure has been hacked in the past. It will be hacked in the future.
Cf., <https://savannah.gnu.org/maintenance/Compromise2010/>.

The Linux kernel infrastructure was hacked in the past. It will be hacked again in the future.
Cf., <https://lwn.net/Articles/464233/>.

And don't forget about the attempt to backdoor the kernel.
Cf., <https://lwn.net/Articles/57135/>.

The incidents highlight the need for strong auditing controls like commit signing.

Jeff
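The thread's two technical points, that a git signature belongs to the committer rather than the author, and that signatures only help if someone audits them after an infrastructure compromise, can be turned into a small audit script. The following is an added example written for this page; it is not code from the gnulib, Savannah or kernel projects. It reads the per-commit fields `%H %G? %GS %GK %an %cn` that `git log --format` emits (the `%G?` status codes are the ones documented in git-log(1)), and flags commits that are unsigned, carry a bad or unverifiable signature, or are signed by a key outside a trusted committer set. The sample log lines, key IDs and names are constructed for the example.

```python
"""Audit git commit signatures from `git log` output.

A git signature is made by the committer, not the author, so an audit
checks (a) that every commit carries a good signature and (b) that the
signing key belongs to a committer the project actually trusts.
"""
import subprocess
from dataclasses import dataclass

# %G? status codes from git-log(1), "PRETTY FORMATS".
GOOD = {"G"}                      # good signature, key trusted
WARN = {"U"}                      # good signature, key of unknown validity
BAD = {"B", "X", "Y", "R", "E"}   # bad / expired / expired key / revoked / cannot check
NONE = {"N"}                      # no signature at all

SEP = "\x1f"  # ASCII unit separator: will not appear in names or key IDs
FIELDS = ("commit", "status", "signer", "key", "author", "committer")
FORMAT = SEP.join(["%H", "%G?", "%GS", "%GK", "%an", "%cn"])


@dataclass
class Finding:
    commit: str
    author: str
    committer: str
    problem: str


def parse_log(log_output):
    """Split `git log --format=FORMAT` output into one dict per commit."""
    rows = []
    for line in log_output.splitlines():
        if not line.strip():
            continue
        parts = line.split(SEP)
        if len(parts) != len(FIELDS):
            raise ValueError(f"unexpected field count in line: {line!r}")
        rows.append(dict(zip(FIELDS, parts)))
    return rows


def audit(log_output, trusted_keys):
    """Return a Finding for every commit that fails the signature policy."""
    findings = []
    for row in parse_log(log_output):
        status = row["status"]
        if status in NONE:
            problem = "unsigned commit"
        elif status in BAD:
            problem = f"signature status {status} (bad, expired, revoked or unverifiable)"
        elif status in WARN:
            problem = "good signature but signing key validity unknown"
        elif status in GOOD and row["key"] not in trusted_keys:
            problem = f"signed by key {row['key']} not in trusted committer set"
        else:
            continue  # good signature from a trusted committer key
        findings.append(Finding(row["commit"], row["author"], row["committer"], problem))
    return findings


def run_git_log(repo, rev_range="HEAD"):
    """Fetch real log output from a repository (not used by the sample below)."""
    proc = subprocess.run(["git", "-C", repo, "log", "--format=" + FORMAT, rev_range],
                          check=True, capture_output=True, text=True)
    return proc.stdout


# Constructed sample: key IDs, names and hashes are made up for this example.
TRUSTED_KEYS = {"0123ABCD"}
SAMPLE_LOG = "\n".join(SEP.join(row) for row in [
    # author differs from committer; the committer's trusted signature is what counts
    ("a" * 40, "G", "Maintainer <maint@example.org>", "0123ABCD", "Outside Contributor", "Maintainer"),
    ("b" * 40, "N", "", "", "Outside Contributor", "Maintainer"),
    ("c" * 40, "U", "Someone <s@example.net>", "DEADBEEF", "Someone", "Someone"),
    ("d" * 40, "G", "Other <o@example.com>", "CAFEF00D", "Other", "Other"),
])


if __name__ == "__main__":
    for f in audit(SAMPLE_LOG, TRUSTED_KEYS):
        print(f"{f.commit[:12]} author={f.author!r} committer={f.committer!r}: {f.problem}")
```

To run it against a real checkout, pass `run_git_log("/path/to/repo", "origin/master..HEAD")` to `audit()` with the fingerprints of your committers' keys; git only reports `G` for keys your local keyring marks as trusted, so the trusted-key set is the policy, not the keyring.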
