← Back to team overview

launchpad-dev team mailing list archive

Re: Private Projects LEP


On Mon, Jul 30, 2012 at 3:10 PM, Robert Collins
<robert.collins@xxxxxxxxxxxxx> wrote:
> On Tue, Jul 31, 2012 at 6:26 AM, Aaron Bentley <aaron@xxxxxxxxxxxxx> wrote:
>> Hash: SHA1
>> On 12-07-30 10:01 AM, Matthew Revell wrote:
>>> https://dev.launchpad.net/LEP/PrivateProjects
>>> An untrusted user cannot guess the name of a private project based
>>> on the error message given when trying to register a new project
>>> with the same name.
>> How do we accomplish this?
> One way would be to document that we blacklist names, and make the
> error when a name is blacklisted identical to the error when the name
> is already taken.

That approach would provide plausible deniability.  I wonder if that is
sufficient.  I also wonder if more is even possible.

For example, If someone tries to create a project named
"canonical-on-mars" and LP says that it is a blacklisted name and they
probe the system and find that other forms of "canonical-on-*" are
allowed, I doubt it will take them long to realize that Mars is the
first planet in our secret off-world colonization effort.
Benji York