On Sat, Oct 11, 2008 at 1:24 PM, Daniel Carrera <[EMAIL PROTECTED]> wrote:
> Hello,
>
> When you run "db kill_rev_locally", does Monotone record who performed that
> action? E.g. a malicious developer or an unauthorized person who stole a
> developer's credentials might run this command and we would like to know who
> it was.

No, it simply wipes out the revision and its certs, as if they never existed. (Except that as you note, it does leave some of the associated data behind in the database, but there's no way to get at this data except by poking around in the db by hand.)

This isn't really a security issue, though, because it only affects the database that it's run on. If I break into your machine and run kill_rev_locally on some real and important revision, then next time you run 'mtn sync' it will notice that the server has a copy of that revision and your machine does not, and will re-pull it. Nothing is lost.

kill_rev_locally only *actually* loses information if the only copy of that information is in the database that the attacker has *direct* access to, and if they have direct access they can remove any record we would like to make anyway.

-- Nathaniel
