
Re: [Monotone-devel] Monotone Security


From: Peter Stirling
Subject: Re: [Monotone-devel] Monotone Security
Date: Wed, 15 Oct 2008 18:51:32 +0100



Malicious developers
        "Encumbrance pollution attack"
                Our solution includes "everyone delete your database",
                does this really count as being able to resist such
                attacks? About the only problem you *won't* have is
                independent revisions changing their names the way some
                centralized systems could potentially change revision
                numbers.

Is it really that bad? Can't people make a new database like the article suggests?

mtn db kill_rev_locally <rev-id>
mtn db init --db=new_db.mtn
mtn serve --db=old_db.mtn
mtn --db=new_db.mtn pull localhost 'net.example*'
<kill mtn serve>
mv new_db.mtn old_db.mtn


Presumably the issue is not when it's only one revision. If you are intent on malice then you could add 10,000,000 revisions, at which point calling kill_rev_locally will be rather more effort, especially if the revisions are signed by a (compromised or otherwise) key which had some revisions that you don't want to delete.



