Regarding security, the ERIS spec describes some of these issues, but I doubt the ERIS solution is compatible.
https://eris.codeberg.page/spec/#name-security-considerations There is an ERIS 9P server but it's read-only and stores blocks in its own database. https://eris.codeberg.page/erishell.1.html#srv- Excerpts from Calvin via 9fans's message of January 10, 2026 2:08 am: >> On Friday, 9 January 2026, at 6:14 PM, Calvin wrote: >> >>> There are many security and privacy holes in venti's design that should be >>> fixed. Anyone with access to a venti system has, in essence, full >>> permissions to all data in every file system stored in the system. The only >>> current practical mitigation is to simply prevent access to the venti in >>> the first place, and only expose a file system on top of it, such as >>> fossil, but this can greatly reduce the benefits of venti's deduplication. >> >> Indeed, venti is insecure. But it doesn't do 9p and it is only intended as a >> backing store for real servers. If the real server (eg. a fossil) is on the >> same machine, address of 127.1 is a solution. Imho also adresses in >> 168.x.x.x nets are quite safe. This way it is not exposed outside your realm. > > Sorry i was quoting Noam there, I am interested in proposed solutions. ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/T4d8ba4236feb5d92-M8702dae5eeef483f9277a8c1 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
