On Mon, Jul 30, 2012 at 3:10 PM, Robert Collins <robert.coll...@canonical.com> wrote: > On Tue, Jul 31, 2012 at 6:26 AM, Aaron Bentley <aa...@canonical.com> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 12-07-30 10:01 AM, Matthew Revell wrote: >>> https://dev.launchpad.net/LEP/PrivateProjects >> >>> An untrusted user cannot guess the name of a private project based >>> on the error message given when trying to register a new project >>> with the same name. >> >> How do we accomplish this? > > One way would be to document that we blacklist names, and make the > error when a name is blacklisted identical to the error when the name > is already taken.
That approach would provide plausible deniability. I wonder if that is sufficient. I also wonder if more is even possible. For example, If someone tries to create a project named "canonical-on-mars" and LP says that it is a blacklisted name and they probe the system and find that other forms of "canonical-on-*" are allowed, I doubt it will take them long to realize that Mars is the first planet in our secret off-world colonization effort. -- Benji York _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
