mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Added a comment: Security of P2P repo is unclear

Browse source
This commit is contained in:
dvicory 2017-02-28 20:30:31 +00:00 committed by admin
parent 739aa3a38e
commit e4642a2452
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
doc/tips/peer_to_peer_network_with_tor/comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment Normal file
View file

@ -0,0 +1,12 @@
[[!comment format=mdwn
username="dvicory"
avatar="http://cdn.libravatar.org/avatar/9e4b9df55a9c1440101dc66aa0a6b62d"
subject="Security of P2P repo is unclear"
date="2017-02-28T20:30:30Z"
content="""
In the security section, you say that
> Anyone who learns the address of a peer can connect to that peer, download the whole history of the git repository, and any available annexed files. They can also upload new files to the peer, and even remove annexed files from the peer. So consider ways that the address of a peer might be exposed.
Do you mean the addresses from `git annex peer --gen-addresses` here? Say, if someone has only my onion service address, and none of the authentication data that is normally placed in `.git/annex/creds/`, what can they do with my git repository? I think I might be confused by the use of \"address\" because of onion addresses, which are not private.
"""]]