[tahoe-dev] several newbie questions

David-Sarah Hopwood david-sarah at jacaranda.org
Fri Apr 22 09:32:09 PDT 2011 

On 21/04/11 13:58, Miles Fidelman wrote:
> Hello Folks,
> 
> Tahoe looks like the coolest filesystem around - certainly the only dispersed
> filesystem I've found with some level of maturity, other than cleversafe, and
> the only open source one.
> 
> There are several questions - answers to which elude me in perusing the
> various publications, presentations, and documentation on Tahoe.  I wonder if
> anybody can comment:
> 
> 1. Tahoe seems to support multi-writer mutable files - but I can't seem to
> find any discussion of consistency management and conflict resolution
> mechanisms.  Are there any, and if so, can someone point me at some
> documentation?

Brief, but to the point:
<http://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/write_coordination.html>

Note that updates from multiple clients using the same gateway should be
consistent. It's only when clients update the same directory using different
gateways, that data loss may occur.

> 2. Looking at the capability mechanisms, it's not clear to what extent
> capabilities are bound to individuals.

Not to any extent. All holders of a capability can use it in the same way.

> The standard problem with key-based capabilities mechanisms is that they
> can be copied.

That's sometimes perceived to be a problem, but there's little evidence from
real-world capability systems that it actually is a problem.

In practice, security models that try to impose a restriction on delegation
end up with worse security as a result. For example in an ACL system, the
owner of an object is forced to anticipate which subjects might need to have
access. This leads in practice to permissions that are overestimates of the
needed authority (if they were underestimates, users would not be able to get
their work done). In a capability system, on the other hand, the same
identifiers that are used to designate objects also grant access to those
objects, regardless of the holder's identity. This reduces the administrative
overhead of managing permissions considerably, and makes it more likely that
the correct permissions will be granted.

-- 
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 294 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110422/196bac1e/attachment.pgp>

More information about the tahoe-dev mailing list