Re: Encrypted Repositories. . .?

From: Les Mikesell <lesmikesell_at_gmail.com>
Date: 2007-06-20 18:07:43 CEST

Michael Williams wrote:
>
> On Jun 20, 2007, at 11:26 AM, Matt Sickler wrote:
>
>> Perhaps it *could* *somehow* *maybe* be hacked together to "work".
>>
>> SVN does not supply encryption of anything (except the link between
>> server and client when you use https or ssh+svn). If you want to
>> encrypt the repository, use an encrypted filesystem with a on-boot (or
>> on-mount) passphrase.
>> Anything else is just going to be a headache, cost a ton of money,
>> and probably remove what little sanity you seem to have left.
>
>
> I don't see why it would have to be *could* *somehow* *maybe*. The
> Cryptlib libraries are freely available and, I'm assuming, could be
> incorporated to encrypt SVNs process and output. Anyone?

What's to keep someone who would be able to access your files from
replacing your svn binary with a trojan version that steals the
encryption key? If you can't do that, what's the point of giving a
false sense of security?

-- 
   Les Mikesell
    lesmikesell@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Wed Jun 20 18:06:55 2007

This message: [ Message body ]
Next message: Tobias Schäfer: "Re: TortoiseSVN showing updated files?"
Previous message: Michael Williams: "Re: Encrypted Repositories. . .?"
In reply to: Michael Williams: "Re: Encrypted Repositories. . .?"
Next in thread: Geoffrey: "Re: Encrypted Repositories. . .?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]