[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: "Flaw" revisited (was: Bug? FSFS revision control)

From: Jamie Lawrence <jal_at_jal.org>
Date: 2005-01-27 06:43:09 CET

On Wed, 26 Jan 2005, Dassi, Nasser wrote:

> If you would, please allow me to revisit the point from another angle.
>
> 1. Do you care about the accuracy of a revision history?

Yes, of course.
 
> 2. Do you feel bothered that modifying a single number value from a text-based file can and would result in the rewriting of the repository's very own revision history? Not even a bit? After all, it greatly diminishes the accuracy of said revision history which you probably care about.

No. Not even a bit, because it _doesn't_ diminish the "accuracy" (I
think you mean to say something like "integrity assurance", but I could
be mistaken as to what exactly you're getting at) any more than any
other single variable persistently stored by any other application. If
someone can arbitrarily write to such a value on an app I administer,
either (a) I trust them not to screw with it, or (b) I made a mistake of
one kind or another.

In either case, the fact that they have write access means that they can
do much more subtle and/or damaging things than just fiddling with the rev
number. And, again, this is the same as any other app out there* - as I
noted before, it is a truism to say that if you give me write access to
data, I can corrupt it**.

If you'd like to probe for weaknesses in svn I'm all for it. But "write
access to repository files means people can do bad things" is akin to
saying "if you let people make a telephone call, they can also say
things to whomever answers."

I think I'm about I'm done with the thread, as we seem to be talking
past each other.

-j

*To be (somewhat more) complete, there are special cases and expensive
techiques one can use where storage or transmission protocols can
maintain data integrity in the face of hostile interference. Those
methods aren't used in the nascent "self healing" trend, except,
generously, in a very primitive fashion, and are usually impractical for
all but special situations. In any case, I don't think either us are
talking about secret sharing, NofM methods, or more exotic methods.

**Again, to be complete, some operating systems make file system changes
at least auditable, sometimes rollback/replayable. But wait, there's that
operating system notion again...

-- 
Jamie Lawrence                                        jal@jal.org
"They [RIAA,MPAA] are trying to invent a new crime:
interference with a business model."
   - Bruce Schneier
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jan 27 06:45:24 2005

This is an archived mail posted to the Subversion Users mailing list.