On Thu, Oct 16, 2008 at 9:22 AM, Daniel Carrera <[EMAIL PROTECTED]> wrote: > Reasoning about causality would go a long way: Never trust a revision that > is dated earlier than its parent. And it appears to address the specific DOS > attacks that Peter found.
The date on revisions isn't particularly useful, for all the reasons people have mentioned. Another sort of date is unproblematic and would make recovery from such DOSes easy, though -- add an "audit" table to each db that records the time (according to the local clock) at which each revision arrived in that db. Most of the time this is just an extra few bytes on the disk, and we don't use it for anything; but if we do wake up one day and discover someone has dumped 10,000 revisions into our server, the it lets us identify those revisions easily -- just revoke that person's access and then throw out all revisions that arrived in the last 24 hours. (It's okay if you throw away some legitimate revisions; they'll get automatically re-pushed by the original committers sooner or later.) -- Nathaniel _______________________________________________ Monotone-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/monotone-devel
