On Sat, Mar 13, 2010 at 10:24 AM, Jeroen Vermeulen <[email protected]> wrote: > I've just been discussing something with wgrant that has been bothering both > of us. > ... > We can't be sure, but we think the cross-check may have started out as an > extra protection against compromised slaves trying to confuse the buildd > master. ... > If we ever decide that we need seriously unpredictable ids ... > > Then again, maybe we don't need a cookie at all and that would be even > easier. > > Any comments? Jeers? Cheers? Beers..? >
The plan sounds good to me. It seems that you are missing key information on what the actual threats and security requirements are. I don't want to block what seems to be a useful simplifying change, but were I you I'd consult James Troup, LaMont Jones or do some threat analysis. jml _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
