[Pharo-project] [squeak-dev] Security Vulnerability in SqueakSource

Igor Stasenko siguctua at gmail.com
Mon Mar 21 15:57:09 UTC 2011


On 21 March 2011 12:54, Bert Freudenberg <bert at freudenbergs.de> wrote:
>
> On 21.03.2011, at 12:40, Marcus Denker wrote:
>
>>
>> On Mar 21, 2011, at 12:23 PM, Sven Van Caekenberghe wrote:
>>
>>>
>>> On 21 Mar 2011, at 11:20, Bert Freudenberg wrote:
>>>
>>>> SqueakSource is simply a WebDAV server. All the versioning logic is local, implemented in Monticello, so allowing overwrites is not really SqueakSource's "fault". Besides, even if SqueakSource disallowed overwriting a version (which it probably should) nothing would prevent somebody else to upload a *new* version that did something bad.
>>>
>>> Yes versioning/naming is local and distributed, that is a feature. One cannot rely on the name alone.
>>> However, it is most certainly a bug that a server happily overwrites existing versions, a version control system should never do that.
>>>
>>> Your other points are valid, of course.
>>>
>>>
>> I think that "security" was not meant in the sense of accidentally loading wrong code. More in the sense that one could just
>> delete all your code. Even though we have backups of the SqueakSource filesystem, you don't want that, as it would be a
>> mess to repair.
>>
>>       Marcus
>
>
> IIRC SqueakSource keeps the old version as a separate file when "overwriting", so nothing is really lost. It's cumbersome to restore though indeed.
>

yeah, we saw that mechanism there. But we have no idea where it is storing the backups :)

> - Bert -
>
>
>
>



-- 
Best regards,
Igor Stasenko AKA sig.
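The thread argues that a version server should refuse to overwrite an existing version name, and that where an overwrite is kept, the displaced file should be somewhere a maintainer can find. The following is an added illustration of that policy, written in Python rather than Smalltalk and not taken from SqueakSource or Monticello; the version name `Foo-sig.1.mcz`, the `VersionStore` class and its backup key format are constructed for the example. It emulates the HTTP statuses a WebDAV-style PUT would return, honours the standard `If-None-Match: *` create-only precondition, keeps any permitted overwrite under a deterministic backup key, and records every overwrite or rejected attempt in an audit list.

```python
"""Illustrative immutable version store (added example, not SqueakSource code).

Shows the policy the thread argues for: a repository that refuses to
overwrite an existing version name, keeps any deliberately permitted
overwrite as a separate backup in a known place, and records both
outcomes in an audit log a maintainer can inspect.
"""
import hashlib
from dataclasses import dataclass, field


@dataclass
class StoredVersion:
    sha256: str
    content: bytes


@dataclass
class VersionStore:
    # Version name (e.g. the constructed "Foo-sig.1.mcz") -> stored bytes.
    versions: dict = field(default_factory=dict)
    # Backup key -> displaced version. The key format is fixed here so the
    # backup location is documented, unlike the one the thread could not find.
    backups: dict = field(default_factory=dict)
    # (action, name, new_sha256, old_sha256) tuples for later review.
    audit: list = field(default_factory=list)

    def handle_put(self, name, body, headers=None, allow_overwrite=False):
        """Emulate a WebDAV PUT and return the HTTP status the server would send."""
        headers = {k.lower(): v for k, v in (headers or {}).items()}
        digest = hashlib.sha256(body).hexdigest()
        existing = self.versions.get(name)

        if existing is None:
            self.versions[name] = StoredVersion(digest, body)
            self.audit.append(("create", name, digest, None))
            return 201  # Created

        if existing.sha256 == digest:
            return 204  # identical bytes re-uploaded: nothing to change

        # The client asked for create-only semantics (If-None-Match: *), or
        # server policy forbids replacing a published version: refuse.
        if headers.get("if-none-match") == "*" or not allow_overwrite:
            self.audit.append(("reject-overwrite", name, digest, existing.sha256))
            return 412  # Precondition Failed

        # Overwrite explicitly permitted: keep the old file under a known key.
        backup_key = self._backup_key(name, existing.sha256)
        self.backups[backup_key] = existing
        self.versions[name] = StoredVersion(digest, body)
        self.audit.append(("overwrite", name, digest, existing.sha256))
        return 204  # No Content

    @staticmethod
    def _backup_key(name, sha256):
        # Constructed naming scheme: "<version name>.<12 hex of old hash>.bak".
        return f"{name}.{sha256[:12]}.bak"

    def restore(self, name, backup_key):
        """Put a backed-up version back; the current file becomes the backup."""
        old = self.backups.pop(backup_key, None)
        if old is None:
            return False
        current = self.versions.get(name)
        if current is not None:
            self.backups[self._backup_key(name, current.sha256)] = current
        self.versions[name] = old
        self.audit.append(("restore", name, old.sha256,
                           current.sha256 if current else None))
        return True

    def suspicious_events(self):
        """Audit entries worth reviewing: every overwrite or rejected attempt."""
        return [e for e in self.audit if e[0] in ("overwrite", "reject-overwrite")]
```

With the default `allow_overwrite=False` the store behaves the way Sven asks for: a second PUT with different bytes to an existing name gets 412 and the original stays in place. Setting `allow_overwrite=True` models a server that permits replacement but, as Bert describes, keeps the old version as a separate file; `restore` shows the reverse path so the recovery is a lookup rather than a filesystem hunt.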


