On Wed, 2004-03-17 at 11:39, Ben Laurie wrote: > Justin Erenkrantz wrote: > > > --On Tuesday, March 16, 2004 8:19 PM +0000 Ben Laurie > > <[EMAIL PROTECTED]> wrote: > > > >> c) You appear to be assuming daily snapshots maintained forever in your > >> story - if so, how do you deal with network problems and the like? How > >> can you tell a commit that didn't make it to the "secure" server because > >> of a network problem from one that the attacker injected? > > > > > > I think you're misunderstanding here. After every commit, an > > incremental backup containing that revision is generated. It'd then be > > copied over to a 'backup' site. There is no reason to re-dump the > > repository every day as that'd be just too big. If a commit is 'missed' > > due to an attack or whatnot, it'd be obvious because that particular > > revision number will not appear. > > > > This is not like CVS where the prior history can be directly modified by > > tweaking the RCS files. For CVS, there is no concept of incrementality > > - the RCS files just aren't stable enough. > > > > I'd suggest seeing minotaur:/x1/svn/hot-backups for an idea as to what > > we're doing right now. (We have yet to digitally sign anything though.) > > I'm guessing I need subversion to check that out, right?
No, you just need to log in and cd to /x1/svn/hot-backups. > (This is a good > example of what Dirk is talking about, and I'm not even on an old system > - I'd install subversion from ports, except my ports are out-of-date, > and I leave for a trip tomorrow, so I don't want to update them and > break my machine just before I go). If we can reach concensus that we want to move, I'm sure we can work something out so we can provide everyone help to get to a working subversion installation. I'll happily put some of my time in this. Sander