LISTSERV 16.5 - XROOTD-DEV Archives

Well, the answer is yes but the unfortunate problem is we don't have a good way to get around it in an expeditious way. Fortunately, where this is needed for x509 based XRootD TPC is for source selection and that is inherently much less dangerous since if there is any kind of spoofing the checksum should catch it in the end. It also helps that XRootD TPC only allows pull requests which minimizes (though does not eliminate) the severity of the exposure.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/xrootd/xrootd","title":"xrootd/xrootd","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/xrootd/xrootd"}},"updates":{"snippets":[{"icon":"PERSON","message":"@abh3 in #844: Well, the answer is yes but the unfortunate problem is we don't have a good way to get around it in an expeditious way. Fortunately, where this is needed for x509 based XRootD TPC is for source selection and that is inherently much less dangerous since if there is any kind of spoofing the checksum should catch it in the end. It also helps that XRootD TPC only allows pull requests which minimizes (though does not eliminate) the severity of the exposure. "}],"action":{"name":"View Pull Request","url":"https://github.com/xrootd/xrootd/pull/844#issuecomment-430894268"}}} [ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/844#issuecomment-430894268", "url": "https://github.com/xrootd/xrootd/pull/844#issuecomment-430894268", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } }, { "@type": "MessageCard", "@context": "http://schema.org/extensions", "hideOriginalBody": "false", "originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB", "title": "Re: [xrootd/xrootd] Always fall back to reverse DNS if trusted (#844)", "sections": [ { "text": "", "activityTitle": "**Andrew Hanushevsky**", "activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png", "activitySubtitle": "@abh3", "facts": [ ] } ], "potentialAction": [ { "name": "Add a comment", "@type": "ActionCard", "inputs": [ { "isMultiLine": true, "@type": "TextInput", "id": "IssueComment", "isRequired": false } ], "actions": [ { "name": "Comment", "@type": "HttpPOST", "target": "https://api.github.com", "body": "{\n\"commandName\": \"IssueComment\",\n\"repositoryFullName\": \"xrootd/xrootd\",\n\"issueId\": 844,\n\"IssueComment\": \"{{IssueComment.value}}\"\n}" } ] }, { "name": "Close pull request", "@type": "HttpPOST", "target": "https://api.github.com", "body": "{\n\"commandName\": \"PullRequestClose\",\n\"repositoryFullName\": \"xrootd/xrootd\",\n\"pullRequestId\": 844\n}" }, { "targets": [ { "os": "default", "uri": "https://github.com/xrootd/xrootd/pull/844#issuecomment-430894268" } ], "@type": "OpenUri", "name": "View on GitHub" }, { "name": "Unsubscribe", "@type": "HttpPOST", "target": "https://api.github.com", "body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 397555039\n}" } ], "themeColor": "26292E" } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1