[tahoe-lafs-trac-stream] [tahoe-lafs] #1528: escalation of authority from knowing a storage index to being able to delete corresponding shares
tahoe-lafs
trac at tahoe-lafs.org
Wed Sep 14 09:52:13 PDT 2011
#1528: escalation of authority from knowing a storage index to being able to
delete corresponding shares
-------------------------+-------------------------------------------------
Reporter: zooko | Owner: davidsarah
Type: defect | Status: closed
Priority: | Milestone: 1.8.3
critical | Version: 1.9.0a1
Component: code- | Keywords: security preservation anti-
storage | censorship storage leases
Resolution: fixed |
Launchpad Bug: 848476 |
-------------------------+-------------------------------------------------
Comment (by warner):
For future code-archaeologists, this bug was introduced in [3326], which
removed a precondition check in {{{read_share_data()}}} (because it used
the original 4-byte size field, which was deprecated in favor of
measuring the length of the container file with os.stat), but didn't
provide a replacement. This was 536 patches after the 1.2.0 release, and
about 295 patches before the 1.3.0 release.
--
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1528#comment:13>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list