Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Mongodb, for one, will freak out if you set the system date into the future, interact with it, then set time back. It will think the indices are corrupt and refuse to start. At least that happened to me last year. IIRC, the time stamp is part of generated object ids, so it’s sort of understandable. In the end I returned by computer to the future date, exported data, and rebuilt my collections.


So anyone can bring down Mongo with a compromised ntp server?

That's an inconvenient property to have.


Oh, if you own someone's clock, you can do all sorts of damage.

Want to expire everyone's passwords? Blow up their credit card processing? Those are just the obvious attacks.


Yes but bringing down a database should not be among those things.

Surely we can agree on that.


I’m curious whether there is any database that handles this scenario correctly…or even whether there is a correct behavior for a situation where the system clock is rewound.


Good question. I used to test an auction app I maintained on SqlServer but I never pushed it more than a few hours into the future. To be clear: my experience with MongoDb was a one off local issue. No idea if there are server protections etc.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: