[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: RE: file encryption

From: Gale, David <David.Gale_at_Hypertherm.com>
Date: 2005-10-26 15:16:10 CEST

Leon Zandman wrote:
>> That way I would have exactly what I want: a repository
>> accessible only by certain users, even if they would access
>> the server directly with a file manager...
> If the server is maintained by students they will certainly have the
> root (administrator) password and maybe even have physical access to
> the machine. This means they can easily change the access credentials
> and give themselves access to the repositories again.
> I don't think there is an easy solution for your problem. I would
> never let sensitive information be maintained by people who shouldn't
> have access to it. I suggest your put the repositories on a server
> that isn't maintained by those students.
> It's like asking Saddam to store America's atomic bombs :-)

I agree. The janitors at the Pentagon may just be janitors, but they
better've gone through security clearance. They're just there to
maintain the building, not the information (or people) contained within,
but they do have keys to everything...

It's the same with repository maintenance. If you've got access to
change the server configuration, you've got access to change who's
authorized to access the data--at which point it doesn't matter whether
or not you're supposed to have access. And if you don't give them
access to change the configuration, there're limits to what sorts of
maintenance they can do.


To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Oct 26 15:22:07 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.