GNU bug report logs -
#41425
[PATCH 0/5] Have 'guix pull' protect against downgrade attacks
Previous Next
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Wed, 20 May 2020 21:39:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #23 received at 41425 <at> debbugs.gnu.org (full text, mbox):
Hi Ludo,
On Wed, 20 May 2020 at 23:39, Ludovic Courtès <ludo <at> gnu.org> wrote:
> By default ‘guix pull’ would now error out if the target commit of a
> channel is not a descendant of the currently-used commit, according to
> the commit graph. There’s an option to bypass that. ‘guix
> time-machine’ behavior is unchanged though: it never complains.
What is the extra time cost of such check? Well, it depends on the
"distance" between the 2 commits and maybe the complexity of the graph
-- it it not clear what happen for complex merge -- but say pulling
once a month.
It is not easy -- nor impossible -- to evaluate such cost at the level
of "guix pull". And I failed to evaluate it using 'commit-relation'
with "guix repl" -- Segmentation fault with commit
c81457a5883ea43950eb2ecdcbb58a5b144bcd11 and
4bdf4182fe080c3409f6ef9b410146b67cfa2595; probably because I did used
correctly the API.
Well, what will be the timing impact of checking the "fast-fowardness"?
All the best,
simon
This bug report was last modified 4 years and 363 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.