A web app that we're building is designed in such a way that the vector clocks returned from a bucket with use_multi:true will be sent to the client, and the client will then return that vector clock in subsequent requests so that we can keep track of state conflicts in riak.
My question is: are there any security risks in doing this? We've obfuscated the vector clock (and never call it the vector clock on the client side), but that's just security through obscurity, and probably wouldn't hold up very long. Would a client be able to get any meaninful information out of a vector clock, or manipulate it in such a way that when they return it it could harm the database? Are there any ways we could combat this?
_______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
