diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-04-27 13:37:13 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-04-27 13:37:13 -0400 |
commit | f6a9cd9c705850a19e2677150c1168bea1a7a9c7 (patch) | |
tree | 3e97ac2a0b25597d5917578b5e674194bc405a37 | |
parent | 5c542bb09e51eeb407a59f5bd4a2c6c460863446 (diff) | |
download | debug-me-f6a9cd9c705850a19e2677150c1168bea1a7a9c7.tar.gz |
idea
-rw-r--r-- | TODO | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -43,6 +43,18 @@ * How to prevent abusing servers to store large quantities of data that are not legitimate debug-me logs, but are formatted like them? Perhaps add POW to the wire protocol? Capthca? + + The user's email address is sent to the server when starting a debug-me + session, and once the session ends, the server emails the log file + to that address. This serves two purposes: + + 1. It makes sure that the user gets a copy of the session log, + which the developer cannot delete. + 2. Once the server has emailed the log, it's free to delete its + copy to free up disk space. Since servers don't have to retain + log files for long, this makes them unattractive to abusers + who might otherwise try to store large quantities of data. + * --server --replicate=host could connect to the other server and forward sessions to it. It should be easy to make the replicate bi-directional, so a developer could connect to the other server and their messages be |