> -----Original Message-----
> From: Michael Williams [mailto:gberz3@gmail.com]
>
>
> Please see my last post. I understand what you're saying, but it
> doesn't matter whether they're root or not if the actual repository
> itself is encrypted with keys. I realize that I will lose a bit of
> the other SVN convenience (e.g. plain text files), but I'm not
> concerned about that. I realize too that this would increase server
> load; again, not my concern. My only goal is source control
> that is
> encrypted both in transmission and persistence.
>
> Understand too, my concern with potential physical theft. Granted,
> that's not very likely, but it's not impossible either. In
> the event
If there are encryption keys, they have to be located somewhere, and if
they're on the disk that's stolen, then a thief might still have enough to
defeat the encryption. That's particularly possible if he knows enough about
your operations, or can cajole information from someone who does. If they
are on some other disk available to the server, the thief merely steals two
disks instead of one to obtain them.
> that drives and/or data come up missing (e.g. Anthem BCBS, TJ Maxx,
> Marshall's), I'd rather know that no one is getting my source.
Aother issue is that you can be denied access to the source. If an
untrusted person has root access, that person can simply destroy your
repository, encrypted or not. That's the point that some others have made
about root access. The attacker would not have your source, but you wouldn't
either.
Even without damaging the system, a rootkit or other malicious program could
do a lot of damage just by monitoring your server activity. That might be
very hard to discover.
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jun 20 18:59:37 2007