[tahoe-dev] [tahoe-lafs] #833: reject mutable children when *reading* an immutable dirnode
tahoe-lafs
trac at allmydata.org
Tue Dec 15 10:00:01 PST 2009
#833: reject mutable children when *reading* an immutable dirnode
---------------------------+------------------------------------------------
Reporter: warner | Owner:
Type: defect | Status: new
Priority: critical | Milestone: 1.6.0
Component: code-dirnodes | Version: 1.5.0
Keywords: integrity | Launchpad_bug:
---------------------------+------------------------------------------------
Changes (by zooko):
* priority: major => critical
Comment:
To clarify, I think this is a critical security issue because if you
{{{tahoe cp -r $IMM_DIR_NODE ./local}}} and then give {{{$IMM_DIR_NODE}}}
to your friend, and she also {{{tahoe cp -r $IMM_DIR_NODE ./herlocal}}},
then you can be assured that she has all the same stuff that you do, even
if the original creator of the directory that you are copying tries to
trick you so that you and your friend get different results. This is the
"deep" analogue of #491 (URIs do not refer to unique files in Allmydata
Tahoe).
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/833#comment:3>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list