On Thu, 2009-01-15 at 14:38 +0200, Yitzchak Gale wrote:
Duncan Coutts wrote:
We want to let random users on random platforms submit simple anonymous build reports (no logs)... The only downside compared to a more centralised system is that we do not get to centrally monitor the status of the dedicated build clients.
And that we open ourselves up to some serious security concerns - like hostile build reports and DOS.
Detailed build reports with logs are not anonymous, clients will need an account on hackage (ie username and password). Yes, we could get flooded with anonymous build reports, but they're much smaller and hopefully they'll either be obviously bogus or drowned out by the volume of legit reports. So the information content and reliability of each data item is lower but hopefully the volume makes up for it, so long as we do the statistics carefully. As Manlio says, we're always open to DOS attacks. We just have to make sure we're not more vulnerable than average by doing too much work on the server side compared to the work done by the client (ie the processing of anonymous reports has to be fairly cheap). Duncan