[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Students' Project seeks help

From: Tom Widmer <tom.widmer_at_gmail.com>
Date: Mon, 01 Aug 2011 16:02:59 +0100

On 01/08/2011 15:28, Bob Archer wrote:
>> Hi Everybody,
>> thanks for all the quick repsonses. I myself wasn't able to answer
>> until
>> now since we wanted to discuss things in our group.
>> We plan to integrate this so that a compromised server does not
>> allow
>> the attacker to read data, even if he has got access to the
>> repositories, no matter how he got it. The "Professor" who gave
>> this
>> task to us, is willing to accept the loss in performance for the
>> enhanced security.
> Is this just an academic exercise? I think putting the repository on a truecrypt drive would solve the above requirement.

Only if all clients can access the drive via the file: protocol (which
is obviously not a scalable, safe or general purpose solution). If you
access via http(s): or svn:, then obviously the server will need the
decryption keys one way or another, which defeats the objective I think.

Received on 2011-08-01 17:03:46 CEST

This is an archived mail posted to the Subversion Dev mailing list.