Hardening fixes lead to hard questions
a year ago
- #Git
- #Development Tools
- #Linux Kernel
- Kees Cook's 'hardening fixes' pull request for the 6.16 merge window led to unexpected issues, including temporary blocking of his kernel.org account.
- Linus Torvalds reacted strongly to the pull request, suspecting malicious activity due to modified commits with altered metadata.
- The issue stemmed from the use of the b4 tool's trailers subcommand, which rewrote commit history unintentionally.
- Cook demonstrated the issue was accidental, and his account was reactivated after review.
- Changes to b4 are planned to prevent similar mistakes, including refusing to rewrite commits not made by the user running the command.
- The incident highlights the risks of powerful tools like Git and the importance of caution and guardrails in their use.