G'day, From: "Eran Tromer" <[EMAIL PROTECTED]> [...] > > librsync needs a whole file checksum. Without it, it silently fails for > > case 1), 3), and 4). > > > > librsync could benefit from a random checksum_seed. It would need to be > > included in the signature. Without it librsync is vulnerable to cases 1) > > and 3). > [snip] > > rsync shouldn't need a fixed seed for batch modes... just store the seed > > in the signature. using a fixed seed makes it vulnerable to 1) and 3). > > I fully agree with your analysis. > I'll just note that in many situations, case 2 can be elevated to case 3 > simply by transferring the file twice.
Yeah... did you see my followup post about the posiblity of using the whole-file checksum as the checksum_seed for the blocksums? I think it would be a good idea for librsync. It does require a double-parse to generate the signature, but is otherwise quite nice. ---------------------------------------------------------------- Donovan Baarda http://minkirri.apana.org.au/~abo/ ---------------------------------------------------------------- -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
