Re: Encrypted Repositories. . .?

From: Theo Van Dinter <felicity_at_kluge.net>
Date: 2007-06-20 07:55:56 CEST

On Wed, Jun 20, 2007 at 01:10:32AM -0400, Michael Williams wrote:
> That's just it. They have access to the folders in which our source
> is saved, so if we could have some sort of PKI to encrypt the
> repository on the disk it wouldn't matter who had access (root or
> otherwise) as long as they don't have our keys.

The point was that if others have root, you really have no protection of
your data. They can modify your binaries, your config, read the process'
memory, etc.

I suppose you could modify the svn clients such that they encrypt
the data before sending it to the server, such that the subversion
repository would be full of encrypted files. Then your data is never
available in plaintext on the server.

My POV is that it would be easier/more efficient to just get a server
that you can trust, but YMMV. :)

-- 
Randomly Selected Tagline:
 "I gotta be sure this isn't another scientific fraud like global warming
 or second-hand smoke." -Mayor

application/pgp-signature attachment: stored

Received on Wed Jun 20 07:55:59 2007

This message: [ Message body ]
Next message: Michael Williams: "Re: Encrypted Repositories. . .?"
Previous message: Theo Van Dinter: "Re: Encrypted Repositories. . .?"
In reply to: Michael Williams: "Re: Encrypted Repositories. . .?"
Next in thread: Michael Williams: "Re: Encrypted Repositories. . .?"
Reply: Michael Williams: "Re: Encrypted Repositories. . .?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]