From 22421faa199b7922259b4b55e6471a1b5f91d0da Mon Sep 17 00:00:00 2001 From: Peter Todd Date: Fri, 18 Mar 2016 06:04:08 -0400 Subject: [PATCH] Remove pointless warning Any attacker who managed to make an evil commit that changed something in the contrib/verify-commits/ directory could just as easily remove the warning and/or modify it to not display the evil commits; telling the user to check those commits specifically misleads them into checking just those commits rather than the script itself. --- contrib/verify-commits/verify-commits.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/contrib/verify-commits/verify-commits.sh b/contrib/verify-commits/verify-commits.sh index a859e67852..5219331e2e 100755 --- a/contrib/verify-commits/verify-commits.sh +++ b/contrib/verify-commits/verify-commits.sh @@ -5,9 +5,6 @@ DIR=$(dirname "$0") [ "/${DIR#/}" != "$DIR" ] && DIR=$(dirname "$(pwd)/$0") -echo "Please verify all commits in the following list are not evil:" -git log "$DIR" - VERIFIED_ROOT=$(cat "${DIR}/trusted-git-root") REVSIG_ALLOWED=$(cat "${DIR}/allow-revsig-commits")