[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: prevent Linux root from seeing my files

From: Campbell Allan <campbell.allan_at_sword-ciboodle.com>
Date: Tue, 30 Nov 2010 10:34:58 +0000

On Monday 29 Nov 2010, Piotr Kabaciński wrote:
> On 11/29/2010 12:50 PM, Campbell Allan wrote:
> >> If you are able to create dedicated partition you could encrypt repo
> >> like described here:
> >> http://www.hypersphere.org/personal/svn.shtml
> >
> > With some pretty important drawbacks, the no diff/conflict resolution
> > would be a dealbreaker for me
>
> With encryption on filesystem level files in repo are not saved as
> binary (in terms of svn). Svn with repo works like it works before.
> Drawback is that OS has to compress and decompress file every time you
> need to commit/checkout.
> Diff would be useless if you encrypt every file before commit, and send
> it as binary, and that is not this situation.
>
> greetings
>

I'm going to have to reread the page but those points were taken from the
author of the web page and are not my own.

My understanding is that subversion operations are applied on the working copy
but edits must be done within the FUSE mountpoint of the working copy that
decrypts and encrypts the files. Therefore diff does not work as this is done
on the encrypted version of files. If a diff was tried from within the FUSE
mountpoint then the pristine copies of files would now be decrypted to
something completely different than expected.

The upside is that the repository contents *are* secure as everything sent to
the repository is encrypted, the problem is that it severely cripples the
features of subversion and it might be just as good to use a local repository
and back it up (with encryption) to the remote server.

> > * The svn diff command is rendered useless, as the repository itself is
> > comprised, entirely, of encrypted data.
> > * The repository will be enormous. Because the data is all encrypted with
> > a block cipher, Subversion will be incapable of efficiently storing
> > diffs, and compression programs (such as BZip) will, also, have little
> > effect. A few basic tests have shown a 300% increase in repository size,
> > making it wise to restrict the amount of data stored therein.
> > * Conflict-resolution via subversion will also be useless. If a conflict
> > occurs, you'll have to manually merge the two versions on the mountpoint.

-- 
__________________________________________________________________________________
Sword Ciboodle is the trading name of ciboodle Limited (a company 
registered in Scotland with registered number SC143434 and whose 
registered office is at India of Inchinnan, Renfrewshire, UK, 
PA4 9LH) which is part of the Sword Group of companies.
This email (and any attachments) is intended for the named
recipient(s) and is private and confidential. If it is not for you, 
please inform us and then delete it. If you are not the intended 
recipient(s), the use, disclosure, copying or distribution of any 
information contained within this email is prohibited. Messages to 
and from us may be monitored. If the content is not about the 
business of the Sword Group then the message is neither from nor 
sanctioned by us.
Internet communications are not secure. You should scan this
message and any attachments for viruses. Under no circumstances
do we accept liability for any loss or damage which may result from
your receipt of this email or any attachment.
__________________________________________________________________________________

Received on 2010-11-30 11:36:10 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.