|
From: | graydon hoare |
Subject: | [Monotone-devel] Re: Query regarding internal consistency checking |
Date: | Wed, 09 Jun 2004 11:06:57 -0400 |
User-agent: | Mozilla Thunderbird 0.5 (X11/20040208) |
Nathaniel Smith wrote:
Suppose I discover that Bob is about to commit a version containing a changed file with version code 12345, but he hasn't committed it yet. (Say, because I say the patch he sent to the list for review.) Suppose I then connect to a netsync server and say "here's the file with version code 12345", and hand it a different file, one containing malicious code.
the netsync server will look at the command packet you sent, hash it, say "funny, this has a different hash code. oh well." and throw the command packet out. and if the netsync server was compromised, your client would do the same thing. and if your database is compromised, your client would do the same thing before it checks out. grep for 'calculate_ident' in the monotone sources. we check hashes quite often.
unless you're talking about the ability to trivially collide SHA1. if someone has that ability, and doesn't have the moral scruples to report it in public, I'd guess they'd be selling it to a government or organized crime, not picking on free software projects.
-graydon
[Prev in Thread] | Current Thread | [Next in Thread] |