[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Watermarking checkouts

From: Jamie Lawrence <jal_at_jal.org>
Date: 2005-08-21 04:03:27 CEST

On Sat, 20 Aug 2005, Matthew L Daniel wrote:

> > I don't believe that there are any hook scripts available to filter a
> > file's contents as it is being checked out though.
> I believe (with an Apache-hosted svn repo) a well-crafted mod_filter
> could accomplish this task. Whether the files would be marked as "dirty"
> in the WC would depend on the exact mechanism svn uses for determining
> such a detail. In my head, so long as the file svn uses for the "revert"
> command matches the "checked out" copy, it wouldn't be dirty.
> As far as the actual watermarking (in a non-intrusive way, and there's
> the rub), sequentially altering local variables to construct a "bible
> code" (sorry, I don't have the actual cryptographic glossary in front of
> me, but when you take the 2nd letter of word 1, the 4th letter of word
> 3, etc, and it spells out a message) is one idea. Conceptually, one
> would only need to replace 33 tokens to be able to represent a GUID in
> the code.
> I responded because I like the challenge of this question, but I feel
> it's a terrible idea to try and solve this problem using an SCM tool.

Look, this sort of watermarking is a hard problem. Whitespace
modification will obviously not fix it - you're presuming a compiler.

This probably does not intersect well with version control - after all,
the goal of VC is to establish how things difer from one another, and
record them. If you give everyone a different version, I'm sure you
could figure out some custom way to keep that straight, but that's
simply not how the software's built.

If this is a hard rule, I'd suggest a branch for each client,
pre-procesed to embed patterns in things like loops, or modify constants
here and there, or alter logic in some way. Of course, this kills VC
methodology, if you allow check ins. Honestly, I'd suggest replacing
whomever is making your coding standards.

Basically, if you don't trust your coders, you can't trust your code,
and source-code disclosure is the least of your worries.


Jamie Lawrence                                        jal@jal.org
I celebrated Thanksgiving in an old-fashioned way. I invited everyone in my
neighborhood to my house, we had an enormous feast, and then I killed them and
took their land. 
  - Jon Stewart
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Aug 21 04:05:30 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.