On Thu, Sep 11, 2014 at 6:07 PM, Nico Williams <n...@cryptonector.com> wrote:
> not if the attacker controls it and the present. An attacker can > always edit the history directly via SQLite3 access to the repo. No, he can't. Well, he can, but he will break the hashes of other records, so any tamping will be noticed. Specifically, the Z- and R-cards detect any sort of tampering. A Z-card is a hash of the contents of a manifest (formal change record). An R-card is a "mega-hash" of everything referenced by that record. Any change in any content is going to change both of those, invalidating them. > Nothing can really be made immutable, but you can detect mutation. > That's splitting hairs, though, as any mutation breaks the data chain. -- ----- stephan beal http://wanderinghorse.net/home/stephan/ http://gplus.to/sgbeal "Freedom is sloppy. But since tyranny's the only guaranteed byproduct of those who insist on a perfect world, freedom will have to do." -- Bigby Wolf
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users