Re: [Monotone-devel] Monotone Security
From: Nathaniel Smith
Subject: Re: [Monotone-devel] Monotone Security
Date: Thu, 16 Oct 2008 12:02:48 -0700
On Thu, Oct 16, 2008 at 9:22 AM, Daniel Carrera <address@hidden> wrote:
> Reasoning about causality would go a long way: Never trust a revision that
> is dated earlier than its parent. And it appears to address the specific DOS
> attacks that Peter found.
The date on revisions isn't particularly useful, for all the reasons
people have mentioned.
Another sort of date is unproblematic and would make recovery from
such DOSes easy, though -- add an "audit" table to each db that
records the time (according to the local clock) at which each revision
arrived in that db. Most of the time this is just an extra few bytes
on the disk, and we don't use it for anything; but if we do wake up
one day and discover someone has dumped 10,000 revisions into our
server, then it lets us identify those revisions easily -- just revoke
that person's access and then throw out all revisions that arrived in
the last 24 hours. (It's okay if you throw away some legitimate
revisions; they'll get automatically re-pushed by the original
committers sooner or later.)
-- Nathaniel
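
A sketch of the audit-table recovery described in this message, added here as an example and not code from the post or from monotone. The table and column names are hypothetical, Python's sqlite3 stands in for the server db, and it assumes a revision is normally stored only after its parents (the purge refuses to run if that does not hold).

```python
import sqlite3

def open_db():
    db = sqlite3.connect(":memory:")
    # Hypothetical schema. arrived_at is the receiver's local clock, not the revision's date.
    db.executescript("""
        CREATE TABLE revisions (id TEXT PRIMARY KEY);
        CREATE TABLE ancestry (parent TEXT NOT NULL, child TEXT NOT NULL);
        CREATE TABLE audit (id TEXT PRIMARY KEY, arrived_at INTEGER NOT NULL);
    """)
    return db

def store_revision(db, rev_id, parents, now):
    with db:  # revision and audit row commit together
        db.execute("INSERT INTO revisions VALUES (?)", (rev_id,))
        db.executemany("INSERT INTO ancestry VALUES (?, ?)",
                       [(p, rev_id) for p in parents])
        db.execute("INSERT INTO audit VALUES (?, ?)", (rev_id, now))

def purge_since(db, cutoff):
    """Delete every revision that arrived at or after cutoff; return their ids."""
    doomed = [r[0] for r in db.execute(
        "SELECT id FROM audit WHERE arrived_at >= ? ORDER BY arrived_at, id",
        (cutoff,))]
    # Refuse to leave a kept revision whose parent would be deleted.
    orphans = db.execute(
        "SELECT a.child FROM ancestry a"
        " JOIN audit p ON p.id = a.parent JOIN audit c ON c.id = a.child"
        " WHERE p.arrived_at >= ? AND c.arrived_at < ?",
        (cutoff, cutoff)).fetchall()
    if orphans:
        raise RuntimeError(f"kept revisions with purged parents: {orphans}")
    recent = "(SELECT id FROM audit WHERE arrived_at >= ?)"
    with db:
        db.execute(f"DELETE FROM ancestry WHERE child IN {recent}", (cutoff,))
        db.execute(f"DELETE FROM revisions WHERE id IN {recent}", (cutoff,))
        db.execute("DELETE FROM audit WHERE arrived_at >= ?", (cutoff,))
    return doomed

def demo():
    """Constructed data: two old revisions, then a flood and one real push."""
    # flood is ten days (864000 s) after old
    db, old, flood = open_db(), 1_224_000_000, 1_224_864_000
    store_revision(db, "old1", [], old)
    store_revision(db, "old2", ["old1"], old + 3600)
    for i in range(3):
        store_revision(db, f"junk{i}", ["old2"], flood + i)
    store_revision(db, "legit", ["old2"], flood + 60)
    purged = purge_since(db, flood + 7200 - 86400)  # "now" minus 24 hours
    return purged, [r[0] for r in db.execute("SELECT id FROM revisions ORDER BY id")]
```

The legitimate revision that arrived during the window is purged along with the flood, which matches the message's point that such revisions get re-pushed later.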