[tahoe-lafs-trac-stream] [tahoe-lafs] #1528: escalation of authority from knowing a storage index to being able to delete corresponding shares

tahoe-lafs trac at tahoe-lafs.org
Tue Sep 13 15:10:04 PDT 2011


#1528: escalation of authority from knowing a storage index to being able to
delete corresponding shares
------------------------------+--------------------------------------------
      Reporter:  zooko        |      Owner:  davidsarah
          Type:  defect       |     Status:  closed
      Priority:  critical     |  Milestone:  1.8.3
     Component:  code-storage |    Version:  1.9.0a1
    Resolution:  fixed        |   Keywords:  security preservation
 Launchpad Bug:               |              anti-censorship storage leases
------------------------------+--------------------------------------------
Changes (by zooko@…):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 In [5256/trunk]:
 {{{
 #!CommitTicketReference repository="trunk" revision="5256"
 storage: remove the storage server's "remote_cancel_lease" function
 We're removing this function because it is currently unused, because it is
 dangerous, and because the bug described in #1528 leaks the cancellation
 secret, which allows anyone who knows a file's storage index to abuse this
 function to delete shares of that file.
 fixes #1528 (there are two patches that are each a sufficient fix to #1528
 and this is one of them)
 }}}

-- 
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1528#comment:7>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage

