guix-patches

From: zimoun
Subject: [bug#41425] [PATCH 0/5] Have 'guix pull' protect against downgrade attacks
Date: Thu, 21 May 2020 16:06:27 +0200

Hi Ludo,

On Wed, 20 May 2020 at 23:39, Ludovic Courtès <address@hidden> wrote:

> By default ‘guix pull’ would now error out if the target commit of a
> channel is not a descendant of the currently-used commit, according to
> the commit graph.  There’s an option to bypass that.  ‘guix
> time-machine’ behavior is unchanged though: it never complains.

What is the extra time cost of such a check?  Well, it depends on the
"distance" between the 2 commits and maybe the complexity of the graph
-- it is not clear what happens for complex merges -- but say pulling
once a month.

It is not easy -- nor impossible -- to evaluate such cost at the level
of "guix pull".  And I failed to evaluate it using 'commit-relation'
with "guix repl" -- Segmentation fault with commit
c81457a5883ea43950eb2ecdcbb58a5b144bcd11 and
4bdf4182fe080c3409f6ef9b410146b67cfa2595; probably because I did used
correctly the API.


Well, what will be the timing impact of checking the "fast-forwardness"?


All the best,
simon
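
Added example, not part of the original message and not Guix's own code: a breadth-first ancestry check over a small constructed commit graph, showing that a merge commit's second parent is followed like any other and that the work done grows with the number of commits walked between the two. The graph, the function names and the relation labels are assumptions made for illustration.

```python
from collections import deque

# Constructed commit graph (commit -> parents). "m" is a merge of "c" and "d";
# "x" is a root with no shared history.
PARENTS = {
    "a": [], "b": ["a"], "c": ["b"], "d": ["b"],
    "m": ["c", "d"], "n": ["m"], "x": [],
}

def is_ancestor(parents, ancestor, commit):
    """Walk parent links from `commit`; return (found, commits_examined)."""
    seen = {commit}
    queue = deque([commit])
    examined = 0
    while queue:
        current = queue.popleft()
        examined += 1
        if current == ancestor:
            return True, examined
        for parent in parents[current]:      # a merge contributes every parent
            if parent not in seen:           # never revisit a shared ancestor
                seen.add(parent)
                queue.append(parent)
    return False, examined

def relation(parents, current, target):
    """Classify `target` relative to `current`; return (label, commits_examined)."""
    if current == target:
        return "self", 1
    forward, cost = is_ancestor(parents, current, target)
    if forward:
        return "descendant", cost            # fast-forward: history only grows
    backward, more = is_ancestor(parents, target, current)
    return ("ancestor" if backward else "unrelated"), cost + more

def pull_allowed(parents, current, target):
    """Hypothetical policy: accept only a target that keeps `current` in its history."""
    return relation(parents, current, target)[0] in ("self", "descendant")

if __name__ == "__main__":
    for cur, tgt in [("b", "n"), ("d", "n"), ("n", "b"), ("c", "d"), ("a", "x")]:
        print(cur, "->", tgt, relation(PARENTS, cur, tgt), pull_allowed(PARENTS, cur, tgt))
```

The worst case for an allowed pull is a walk over every commit reachable from the target that is not older than the current one; a refused pull walks both histories.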




