launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #09551
Re: Private Projects LEP
On Mon, Jul 30, 2012 at 3:10 PM, Robert Collins
<robert.collins@xxxxxxxxxxxxx> wrote:
> On Tue, Jul 31, 2012 at 6:26 AM, Aaron Bentley <aaron@xxxxxxxxxxxxx> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 12-07-30 10:01 AM, Matthew Revell wrote:
>>> https://dev.launchpad.net/LEP/PrivateProjects
>>
>>> An untrusted user cannot guess the name of a private project based
>>> on the error message given when trying to register a new project
>>> with the same name.
>>
>> How do we accomplish this?
>
> One way would be to document that we blacklist names, and make the
> error when a name is blacklisted identical to the error when the name
> is already taken.
That approach would provide plausible deniability. I wonder if that is
sufficient. I also wonder if more is even possible.
For example, If someone tries to create a project named
"canonical-on-mars" and LP says that it is a blacklisted name and they
probe the system and find that other forms of "canonical-on-*" are
allowed, I doubt it will take them long to realize that Mars is the
first planet in our secret off-world colonization effort.
--
Benji York
References