gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: Default version for star-merge (and more)

From: Andrew Suffield
Subject: Re: [Gnu-arch-users] Re: Default version for star-merge (and more)
Date: Tue, 13 Jul 2004 21:40:11 +0100
User-agent: Mutt/1.5.6+20040523i 
On Tue, Jul 13, 2004 at 04:30:22PM -0400, Aaron Bentley wrote:
> >Even
> >worse there would be the potential for a foreign changeset to redirect
> >the alias to a different archive, which I would consider somewhat of a
> >security issue, 
> 
> See, if *anyone*'s foreign changeset can change your "{arch}/=aliases", 
> you've got anarchy, not central authority.  Central authorities are bad 
> when they have powers not granted to the peons, but if any Tom, Jim or 
> Bob can change the =aliases, that doesn't apply here.
> 
> My implementation of tree-local aliases has +aliases superceding 
> =aliases, if present.
> 
> I suppose a way around the security issue is to *always* have an 
> +aliases, and require the user to do something to copy aliases from 
> =aliases to +aliases.

Everything that you have said here applies just as much to the rest of
the source tree as it does to this hypothetical file. So I figure it's
wrong. I'm kinda waiting for some subversion freak to make this
argument against distributed development, actually.

(I actually can think of some attacks against this feature, but I can
think of trivial defences against them as well; they're really
irrelevant details)

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]