> On Friday, 9 January 2026, at 6:14 PM, Calvin wrote: > >> There are many security and privacy holes in venti's design that should be >> fixed. Anyone with access to a venti system has, in essence, full >> permissions to all data in every file system stored in the system. The only >> current practical mitigation is to simply prevent access to the venti in the >> first place, and only expose a file system on top of it, such as fossil, but >> this can greatly reduce the benefits of venti's deduplication. > > Indeed, venti is insecure. But it doesn't do 9p and it is only intended as a > backing store for real servers. If the real server (eg. a fossil) is on the > same machine, address of 127.1 is a solution. Imho also adresses in 168.x.x.x > nets are quite safe. This way it is not exposed outside your realm.
Sorry i was quoting Noam there, I am interested in proposed solutions. ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/T4d8ba4236feb5d92-M2a5d8457b57f7ac8e8103593 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
