[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Shredding private/confidential information‏

From: Steven <meteor3000_at_hotmail.com>
Date: Tue, 28 Apr 2009 12:16:23 +0200

> Ryan Schmidt wrote:
> > On Apr 27, 2009, at 17:19, Todd C. Gleason wrote:
> >
> >> I'm not arguing against a universal OS solution, but I wouldn't
> >> hold my breath for one either. I was merely pointing out that
> >> Subversion could choose to offer security enhancements in this
> >> area. If you did put shredding in, you might want an svn
> >> subcommand to shred an entire WC as well.
> >>
> >> Note that I'm also not debating the priority of such a feature
> >> (because I don't personally need it).
> >>
> >> However, arguing that some things are out of your control seems to
> >> me like saying that it's not worthwhile to do X unless everybody
> >> else is doing it. (Pick your favorite altruistic cause here.)
> >> Besides, for those non-svn areas the user may already have
> >> shredding utilities, and simply want something to cover the svn
> >> portion.
> >
> > But, to your first paragraph, there would be absolutely no difference
> > in shredding an entire working copy vs. shredding any other directory
> > on your computer. Just install a secure deletion program and use it
> > on the working copy, or any other file or directory.
> There are temporary log files and other files svn client will use during its
> normal operation which will get deleted, so the bytes will still exist on the
> disk platter.

This is exactly what I meant. From the moment I trust my files to SVN, I can't track or control where it spreads my data.


The fact that data persists in the repository is not the (my) problem. Because I *know* where it is, and I know what I have to do if I wish to shred it. Neither is there a problem to shredding an entire working copy. The problem arises when SVN, as part of its daily operation, disposes any file that contains copies of confidential data, because copies of confidential data should be shredded.


It has been argued that the safe disposal of confidential data is not the responsibility of SVN, because other programs share the same problem. But the uncontrolled-copying-of-data problem is worse with SVN than with any other program I've seen. So it would make sense to me if SVN gave me the option to NOT spread all my data across the disk. Without me having to know about logfiles in the tempdir.


If SVN has to make copies all over the place, while handling working copies, then it has to; but just disposing them seems unscrupulous for some kinds of files.


If switching to CVS solves any problem, than SVN has failed it's mission :p



 - Steven

Express yourself instantly with MSN Messenger! Download today it's FREE!


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-28 12:17:23 CEST

This is an archived mail posted to the Subversion Users mailing list.