Comments for Green Spring Design, LLC http://greenspringdesign.com/blog Just another WordPress weblog Wed, 08 Sep 2010 10:31:00 +0000 http://wordpress.org/?v=2.5.1 Comment on Mercurial and the case for signatures by Jeremy http://greenspringdesign.com/blog/?p=11#comment-47 Jeremy Mon, 16 Mar 2009 22:06:41 +0000 http://greenspringdesign.com/blog/?p=11#comment-47 Monotone looks interesting - thanks for the suggestion. I want to do this for the same reason that /var/log/* is not world-writeable. Just because someone is trusted to log in doesn't mean they should have write-access to the log, which is used to analyze security post-facto if something happens. The identification and logging scheme should be one 'security level' higher than users. For unix logins, it's done with file permissions. Ditto for SVN and CVS. For a DVCS, it likely has to be done with crypto if at all. Monotone looks interesting - thanks for the suggestion.

I want to do this for the same reason that /var/log/* is not world-writeable. Just because someone is trusted to log in doesn’t mean they should have write-access to the log, which is used to analyze security post-facto if something happens.

The identification and logging scheme should be one ’security level’ higher than users. For unix logins, it’s done with file permissions. Ditto for SVN and CVS. For a DVCS, it likely has to be done with crypto if at all.

]]> Comment on Mercurial and the case for signatures by Jakub Narębski http://greenspringdesign.com/blog/?p=11#comment-25 Jakub Narębski Fri, 06 Mar 2009 13:49:00 +0000 http://greenspringdesign.com/blog/?p=11#comment-25 First, for commits to appear in canonical repository they have to be either pulled by someone with access rights (assuming that he/she trusts the repository he/she pulls from), or have rights to push to repository (with hooks providing additional access control). Second, if you are really paranoid like IPsec guys, and require for each comit to be signed, why not use <a href="http://monotone.ca/" rel="nofollow">Mototone</a> distributed version control system? First, for commits to appear in canonical repository they have to be either pulled by someone with access rights (assuming that he/she trusts the repository he/she pulls from), or have rights to push to repository (with hooks providing additional access control).

Second, if you are really paranoid like IPsec guys, and require for each comit to be signed, why not use Mototone distributed version control system?

]]>