chicken-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] Chicken Gazette - Issue 13

From: F. Wittenberger
Subject: Re: [Chicken-users] Chicken Gazette - Issue 13
Date: Wed, 24 Nov 2010 18:15:24 +0100 
Am Dienstag, den 23.11.2010, 09:19 +0100 schrieb Peter Bex:
> On Tue, Nov 23, 2010 at 12:32:24AM +0100, Jörg F. Wittenberger wrote:
> > > == 2. Core development
> > > The scrutinizer was updated to give a warning when a one-armed `if`
> > > is used in tail-position, as suggested on chicken-users by Jörg
> > > Wittenberg.
> > 
> > sure?  or is -- no, wait, no "git" struggle now.  spare me, please!
> 
> Just wait for the next dev snapshot.
> 
> > As I said with a smiley in the other posting: I would never enter into a
> > religious war.
> > 
> > Therefore I have to raise a flag in favour of the great SQLite data
> > base!
> > 
> > Right here!
> > 
> > Why?:  How does your PostgreSQL handle master-master replication?
> 
> I've never had use for that so I don't really know.  But this wiki page
> sounds hopeful:
> http://wiki.postgresql.org/wiki/Replication%2C_Clustering%2C_and_Connection_Pooling#Comparison_matrix

I did not find anything about details of the master-master replication
there.  Though the usual way is, that all changes an any end are
replicated to the other one.  So MiM will always corrupt your data base.

> I didn't know SQLite had any replication whatsoever at all.  Or did you
> roll your own?  
Well, I told you with a grin that this is a letters to the editor.  So
kind of a "me too".

Yes, I did.  Using chicken.  Did you read my linked example code?
http://www.askemos.org/Adc5dd0c30f6e63932811ed60e019bb2d/Kalender?date=2010-11-01
It's intended how easy it can be to use a replicated database (which is
safe against the MiM attack).

Adding yet another replica is as complicated as filling the id into this
form (screenshot)
http://www.askemos.org/Ab6c588dfa4ed826d7b387f19fbc60f10

> If so, you could do that with any database!

Maybe you could.  SQLite was the only one, for which I found a way to do
it.  Hooking into it's virtual file system interface.  A one-man-show of
about 1500 LoC.  (Without the actual replication code, which I had
already before.)

> > What
> > if I mount a man in the middle attack on one of your master replicas and
> > inject fake update packets?  Will I be able to tamper with your data
> > base?  Too bad for you!!!  ;-)
> 
> That's what SSL connections (with client certificates) are for.
> 
> Cheers,
> Peter

Wait, security can be even stronger.  What if replica is rooted?  Or you
got an admin bribed?

Or - as in my example code above: each replica owner has a different
interest in the database content.  Hence a reasonable fear of fraud.

/Jörg
reply via email to
[Prev in Thread] Current Thread [Next in Thread]