[tahoe-lafs-trac-stream] [Tahoe-LAFS] #795: add-only sets
Tahoe-LAFS
trac at tahoe-lafs.org
Tue Dec 11 04:05:03 UTC 2018
#795: add-only sets
------------------------------+-----------------------------------------
     Reporter:  warner        |          Owner:
         Type:  enhancement   |         Status:  new
     Priority:  major         |      Milestone:  undecided
    Component:  code-mutable  |        Version:  1.5.0
   Resolution:                |       Keywords:  newcaps revocation research
Launchpad Bug:                |
------------------------------+-----------------------------------------
Comment (by tlhonmey):
I needed something like this to prevent ransomware from dumping/corrupting
my backups.
Not wanting to let the perfect be the enemy of the good, I wrote a
terrible tool that does the job with existing data types.
{{{
#! /bin/bash
if [[ -z "$1" ]]; then
    # no data, create new store
    WCAP=$(tahoe mkdir)
    LASTNODE=$(tahoe mkdir)
    tahoe ln "$LASTNODE" "$WCAP/lastnode"
    # nextnode holds the read-only cap of the first node
    NEXTNODE=$(tahoe ls --readonly-uri "$WCAP" | grep lastnode | awk '{ print $2 }')
    tahoe ln "$NEXTNODE" "$WCAP/nextnode"
    echo "$WCAP"
elif [[ -z "$2" ]]; then
    # no data to push, so read chain
    walknodes() {
        # stop at the first node that has no data entry (the current tail)
        tahoe ls "$1" | grep data > /dev/null && tahoe get "$1/data" && walknodes "$1/nextnode"
    }
    walknodes "$1/nextnode"
else
    # new data, push chunk and increment
    WCAP="$1"
    DATA="$2"
    NEWNODE=$(tahoe mkdir)
    DATANODE=$(echo "$DATA" | tahoe put)
    echo "linking data"
    tahoe ln "$DATANODE" "$WCAP/lastnode/data"
    echo "linking nextnode"
    tahoe ln "$NEWNODE" "$WCAP/lastnode/nextnode"
    echo "linking lastnode"
    # replace the root's lastnode entry so it points at the new tail
    tahoe rm "$WCAP/lastnode"
    tahoe ln "$NEWNODE" "$WCAP/lastnode"
fi
}}}
Now obviously it's slow, and using raw URIs on the command line isn't the
most secure thing in the world, but it only stores the write cap for the
end of the linked list, so any data recorded prior to an intruder getting
in to where they can log writecaps is effectively immutable. Store the
first data node's URI as your immutable recovery start point.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/795#comment:17>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
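
Added example, not part of the comment above and not Tahoe-LAFS code: a toy in-memory Python model of the script's three branches, showing which entries a holder of the root write cap can change and why the first node's read-only cap is the recovery start point. The Grid class, its random-token caps and the function names are assumptions made for illustration; real caps are derived cryptographically.

```python
import secrets

class Grid:
    """Toy model (assumption, not Tahoe-LAFS code): random-token caps, inline bytes as files."""
    def __init__(self):
        self.caps, self.ro = {}, {}   # cap -> (children, writable); cap -> read-only form
    def mkdir(self):
        kids = {}
        w, r = "URI:DIR2:" + secrets.token_hex(8), "URI:DIR2-RO:" + secrets.token_hex(8)
        self.caps[w], self.caps[r] = (kids, True), (kids, False)
        self.ro[w] = self.ro[r] = r
        return w
    def ls(self, cap):
        kids, writable = self.caps[cap]
        # A read-only dircap yields only read-only caps for child directories.
        return {n: c if writable or isinstance(c, bytes) else self.ro[c]
                for n, c in kids.items()}
    def ln(self, cap, name, child):
        kids, writable = self.caps[cap]
        if not writable:
            raise PermissionError("read-only cap")
        kids[name] = child

def create(g):                    # script branch 1: new store
    wcap, last = g.mkdir(), g.mkdir()
    g.ln(wcap, "lastnode", last)
    g.ln(wcap, "nextnode", g.ro[last])
    return wcap

def push(g, wcap, data):          # script branch 3: append a chunk
    last, new = g.ls(wcap)["lastnode"], g.mkdir()
    g.ln(last, "data", data)
    g.ln(last, "nextnode", new)
    g.ln(wcap, "lastnode", new)   # root no longer links the old tail's write cap

def walk(g, node):                # script branch 2: read the chain
    out = []
    while "data" in (kids := g.ls(node)):
        out.append(kids["data"])
        node = kids["nextnode"]
    return out

def demo():
    g = Grid()
    wcap = create(g)
    start = g.ls(wcap)["nextnode"]            # recovery start point, kept elsewhere
    push(g, wcap, b"backup-1")
    push(g, wcap, b"backup-2")
    g.ln(wcap, "nextnode", g.ro[g.mkdir()])   # a wcap holder can repoint this entry
    return g, start, walk(g, g.ls(wcap)["nextnode"]), walk(g, start)
```

In this model, demo() returns an empty chain when read through the repointed root entry and both chunks when read from the separately saved start cap, and any write through a cap reached from that start cap raises PermissionError.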