From: Cameron Dale Date: Sat, 8 Mar 2008 00:38:33 +0000 (-0800) Subject: Another TODO item. X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=5e73ae20956e409b7f70ab292af360aa41b49c93;p=quix0rs-apt-p2p.git Another TODO item. --- diff --git a/TODO b/TODO index 192670b..f726992 100644 --- a/TODO +++ b/TODO @@ -61,6 +61,16 @@ first piece, in which case it is downloaded from a 3rd peer, with consensus revealing the misbehaving peer. +Consider tracking security issues with packages. + +Since sharing information with others about what packages you have +downloaded (and probably installed) is a possible security +vulnerability, it would be advantageous to not share that information +for packages that have known security vulnerabilities. This would +require some way of obtaining a list of which packages (and versions) +are vulnerable, which is not currently available. + + Consider adding peer characteristics to the DHT. Bad peers could be indicated in the DHT by adding a new value that is