monotone-devel

Re: [Monotone-devel] db kill_rev_locally


From: Nathaniel Smith
Subject: Re: [Monotone-devel] db kill_rev_locally
Date: Sat, 11 Oct 2008 13:49:43 -0700

On Sat, Oct 11, 2008 at 1:24 PM, Daniel Carrera <address@hidden> wrote:
> Hello,
>
> When you run "db kill_rev_locally", does Monotone record who performed that
> action? E.g. a malicious developer or an unauthorized person who stole a
> developer's credentials might run this command and we would like to know who
> it was.

No, it simply wipes out the revision and its certs, as if they never
existed.  (Except that as you note, it does leave some of the
associated data behind in the database, but there's no way to get at
this data except by poking around in the db by hand.)

This isn't really a security issue, though, because it only affects
the database that it's run on.  If I break into your machine and run
kill_rev_locally on some real and important revision, then next time
you run 'mtn sync' it will notice that the server has a copy of that
revision and your machine does not, and will re-pull it.  Nothing is
lost.  kill_rev_locally only *actually* loses information if the only
copy of that information is in the database that the attacker has
*direct* access to, and if they have direct access they can remove any
record we would like to make anyway.

-- Nathaniel



