| Title: |
On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities |
| Article URLs: |
|
| Alternative Article URLs: |
|
| Authors: |
Santiago Torres-Arias |
-
New York University, Tandon School of Engineering
|
| Anil Kumar Ammula |
-
New Jersey Institute of Technology, Department of Computer Science
|
| Reza Curtmola |
-
New Jersey Institute of Technology, Department of Computer Science
|
| Justin Cappos |
-
New York University, Tandon School of Engineering
|
| Sharing: |
Research produced artifacts
|
| Verification: |
Authors have
verified
information
|
| Artifact Evaluation Badge: |
none
|
| Artifact URLs: |
|
| Artifact Correspondence Email Addresses: |
|
| NSF Award Numbers: |
1054754,
1565478,
1241976
|
| DBLP Key: |
conf/uss/Torres-AriasACC16
|
| Author Comments: |
Some of the fixes proposed in our paper are in the production git codebase as of 2.9.0. [ You can find the release notes for git that mention the inclusion of some of our patches into git here: https://lwn.net/Articles/691223/ (Notice the first author's name in contributors list.) The discussion thread, etc. about the actual patch set and what it includes is here: https://public-inbox.org/git/20161007210721.20437-1-santiago@nyu.edu/ ]
We are working with to integrate other techniques from the paper now. While we recommend using our changes to the production git code to do any benchmarking or comparison, we would be happy to provide a copy of our prototype code to any researchers that request it. |