[Monotone-devel] Re: How secure are group names?

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Monotone-devel] Re: How secure are group names?

From:	graydon hoare
Subject:	[Monotone-devel] Re: How secure are group names?
Date:	Tue, 02 Dec 2003 10:49:59 -0500
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031115 Thunderbird/0.3

Peter Simons wrote:

And if you don't know the name? Could you find out, which

groups exist?

I was half considering adding this to the q=status request depotsrespond to, for as a sort of "discovery" mode. perhaps I'll add in aprivate/public flag when or if I do that.. but it wouldn't be much interms of secrecy, just a matter of guessing.

if it did become a big issue, the depot knows how to verify RSAsignatures, so we could build in support for signed q=since requests,too. right now the access control is only on q=post, and it's very coarse.

 | peti:~/monoprojects/public/homepage$ monotone ls ignored --verbose
 | monotone: opening rcfile '/home/simons/.monotonerc' ... monotone: ok
 | monotone: executing ls command
 | monotone: executing list command

Nothing happens.


huh. works for me. what's in your .monotonerc?

-graydon

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] How secure are group names?, Peter Simons, 2003/12/01
- [Monotone-devel] Re: How secure are group names?, graydon hoare, 2003/12/02
  - [Monotone-devel] Re: How secure are group names?, Peter Simons, 2003/12/02
    - [Monotone-devel] Re: How secure are group names?, graydon hoare <=
    - [Monotone-devel] Re: How secure are group names?, Peter Simons, 2003/12/02

Prev by Date: [Monotone-devel] Re: How secure are group names?
Next by Date: [Monotone-devel] build fails
Previous by thread: [Monotone-devel] Re: How secure are group names?
Next by thread: [Monotone-devel] Re: How secure are group names?
Index(es):
- Date
- Thread