[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Encrypted Repositories. . .?

From: Les Mikesell <lesmikesell_at_gmail.com>
Date: 2007-06-20 18:36:18 CEST

Michael Williams wrote:
>> The relevant point here is that if you don't trust the machine
>> administrator you can't trust anything on it including any means that
>> you might use to supply an encryption key.
> . . .again, I go back to my car analogy: Do you leave your car unlocked
> just because you park it in a "safe place"?

No, but I give my keys to parking attendants in places where I'm paying
for them to take reasonable precautions.

> Likely not; you likely
> take every reasonable precaution to protect it (e.g. locking it, and
> arming any alarm you may have).

Reasonable precautions are reasonable. If you don't think your hosting
is reasonable, move it.

> Now, I'm not suggesting placing this
> behind 4 feet of tempered steel with 24 hour armed guard. What I *am*
> suggesting is a simple encryption scheme to add a bit more security.
> And, as I said, with Cryptlib, I don't see this being a major problem.
> At this point, I'm simply looking for some implementation insights.
> Thanks.

If you don't mind the root user having your keys, you can encrypt the
disk partition and require the key/passphrase when mounting it. There's
  probably a way to push this to an encrypted file that can be mounted
as a filesystem by a user with the key as long as you don't have any
illusions about hiding this exchange from the administrator. It doesn't
make much sense to make every application handle it on its own.

   Les Mikesell
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jun 20 18:35:29 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.