[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Encrypted Repositories. . .?

From: Theo Van Dinter <felicity_at_kluge.net>
Date: 2007-06-20 07:55:56 CEST

On Wed, Jun 20, 2007 at 01:10:32AM -0400, Michael Williams wrote:
> That's just it. They have access to the folders in which our source
> is saved, so if we could have some sort of PKI to encrypt the
> repository on the disk it wouldn't matter who had access (root or
> otherwise) as long as they don't have our keys.

The point was that if others have root, you really have no protection of
your data. They can modify your binaries, your config, read the process'
memory, etc.

I suppose you could modify the svn clients such that they encrypt
the data before sending it to the server, such that the subversion
repository would be full of encrypted files. Then your data is never
available in plaintext on the server.

My POV is that it would be easier/more efficient to just get a server
that you can trust, but YMMV. :)

-- 
Randomly Selected Tagline:
 "I gotta be sure this isn't another scientific fraud like global warming
 or second-hand smoke." -Mayor 

  • application/pgp-signature attachment: stored
Received on Wed Jun 20 07:55:59 2007

This is an archived mail posted to the Subversion Users mailing list.