[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-users] Chicken Gazette - Issue 13
From: |
F. Wittenberger |
Subject: |
Re: [Chicken-users] Chicken Gazette - Issue 13 |
Date: |
Wed, 24 Nov 2010 18:15:24 +0100 |
Am Dienstag, den 23.11.2010, 09:19 +0100 schrieb Peter Bex:
> On Tue, Nov 23, 2010 at 12:32:24AM +0100, Jörg F. Wittenberger wrote:
> > > == 2. Core development
> > > The scrutinizer was updated to give a warning when a one-armed `if`
> > > is used in tail-position, as suggested on chicken-users by Jörg
> > > Wittenberg.
> >
> > sure? or is -- no, wait, no "git" struggle now. spare me, please!
>
> Just wait for the next dev snapshot.
>
> > As I said with a smiley in the other posting: I would never enter into a
> > religious war.
> >
> > Therefore I have to raise a flag in favour of the great SQLite data
> > base!
> >
> > Right here!
> >
> > Why?: How does your PostgreSQL handle master-master replication?
>
> I've never had use for that so I don't really know. But this wiki page
> sounds hopeful:
> http://wiki.postgresql.org/wiki/Replication%2C_Clustering%2C_and_Connection_Pooling#Comparison_matrix
I did not find anything about details of the master-master replication
there. Though the usual way is, that all changes an any end are
replicated to the other one. So MiM will always corrupt your data base.
> I didn't know SQLite had any replication whatsoever at all. Or did you
> roll your own?
Well, I told you with a grin that this is a letters to the editor. So
kind of a "me too".
Yes, I did. Using chicken. Did you read my linked example code?
http://www.askemos.org/Adc5dd0c30f6e63932811ed60e019bb2d/Kalender?date=2010-11-01
It's intended how easy it can be to use a replicated database (which is
safe against the MiM attack).
Adding yet another replica is as complicated as filling the id into this
form (screenshot)
http://www.askemos.org/Ab6c588dfa4ed826d7b387f19fbc60f10
> If so, you could do that with any database!
Maybe you could. SQLite was the only one, for which I found a way to do
it. Hooking into it's virtual file system interface. A one-man-show of
about 1500 LoC. (Without the actual replication code, which I had
already before.)
> > What
> > if I mount a man in the middle attack on one of your master replicas and
> > inject fake update packets? Will I be able to tamper with your data
> > base? Too bad for you!!! ;-)
>
> That's what SSL connections (with client certificates) are for.
>
> Cheers,
> Peter
Wait, security can be even stronger. What if replica is rooted? Or you
got an admin bribed?
Or - as in my example code above: each replica owner has a different
interest in the database content. Hence a reasonable fear of fraud.
/Jörg