[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Encrypted Repositories. . .?

From: Michael Williams <gberz3_at_gmail.com>
Date: 2007-06-20 16:14:51 CEST

Again, I have no problem with my current hosting, I'm simply looking
for extra steps. The encrypted server is not an option because 1) it
doesn't protect the "live" data and 2)accessing the server on boot is
a something you'd have to have the admins 5 states over handle. Not
an option. Not to mention, I don't want little "hacker" Jimmy that
found out our server's FTP information to be able to access the source.

That said, having SVN encrypt and decrypt the data on file via
encrypted interprocess communication or whatever is what I'm looking
for. And since SVN would control it from beginning to end, there
wouldn't be much need for "interprocess". I'm not concerned with
whether folks like it, simply whether it's possible. You're saying
no, and you keep falling back on root. As I said, I trust root, but
I don't believe that even they could circumvent the scheme I have
suggested in a reasonable manner.

Besides, this all only keeps the honest people honest, right? I mean
by your standards we should just park our car in a "safe place"
without locking it, right?

On Jun 20, 2007, at 10:00 AM, Stephane Bortzmeyer wrote:

> On Wed, Jun 20, 2007 at 09:46:56AM -0400,
> Michael Williams <gberz3@gmail.com> wrote
> a message of 49 lines which said:
>
>> Alright, alright. . .I thank you for the input, but the personal
>> comments are a bit too much fellas. . . ;)
>
> It's because you apparently do not want to believe a very basic fact:
> you cannot protect your repository against the system
> administrator. Period. If they are root, they can subvert any scheme
> you can conceive (for instance, they can read the private key in the
> Subversion's server memory).
>
> You are simply asking for perpetual motion or squaring of the
> circle. It cannot be done. Period.
>
> If you want a reasonable security, get a dedicated server (it starts
> at US $ 20 / month) and use an encrypted filesystem (so a rogue
> visitor of the data center cannot steal the disk).
>
> It still does not protect you against some attacks (snooping on the
> PCI bus...) so, after that, to improve security, you will need to host
> the server yourself.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jun 20 16:15:20 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.