1 |
Arun Raghavan wrote: |
2 |
>> We could use such an identifier to identify repeated submissions |
3 |
>> (users should send in more up to date again later) and handle |
4 |
>> some kind of "database pollution" attacks. We wouldn't catch |
5 |
>> attackers that change their MAC before submission. |
6 |
> |
7 |
> Not sure how you can deal with this. How does Smolt or Debian's thing |
8 |
> deal with it? |
9 |
|
10 |
About Debian popcon: |
11 |
|
12 |
The file |
13 |
|
14 |
/etc/popularity-contest.conf |
15 |
|
16 |
contains a key MY_HOSTID which is initialized during package |
17 |
installation through this code: |
18 |
|
19 |
generate_id() { |
20 |
if [ -x /usr/bin/uuidgen ] ; then |
21 |
MY_HOSTID=`uuidgen | tr -d -` |
22 |
else |
23 |
MY_HOSTID=`dd if=/dev/urandom bs=1k count=1 2>/dev/null \ |
24 |
| md5sum | sed 's/ -//'''` |
25 |
fi |
26 |
} |
27 |
|
28 |
The result is a 32 digit hex string. On submission, data for that |
29 |
host ID is replaced by the new set of data. |
30 |
|
31 |
|
32 |
|
33 |
Sebastian |