request: encryption support on file open/save

Robert Graham Merkel rgmerk@mira.net
Thu, 7 Sep 2000 17:44:13 +1100


Christopher Browne writes:
 > On 06 Sep 2000 11:59:50 EDT, the world broke into rejoicing as
 > Derek Atkins <warlord@MIT.EDU>  said:
 > > Why not just use a crypto filesystem?  PGP (and gpg) are useful for
 > > encrypting files for transmission, but really should not be used for
 > > long-term data storage.  You should be using data-storage encryption
 > > for that.
 > 
 > That's a good thought...
 > 
 > There's a whole lot of merit to installing something like CFS
 > <http://fire.csua.ucla.edu/security/#cfs> that takes a directory and
 > mounts it using an NFS interface on /crypt, thus...
 > 
 > % cmkdir ~/private.files
 > Key: [my secret key]
 > Again: [my secret key]
 > % cattach ~/private.files private
 > Key: [my secret key]
 > % mv mygnucashfile.xac /crypt/private
 > % ls -l /crypt/private
 > total 58
 > -rw-rw-r--    1 cbbrowne cbbrowne    57420 Sep  6 21:11 mygnucashfile.xac
 > % ls -l ~/private.files
 > total 58
 > -rw-rw-r--    1 cbbrowne cbbrowne    57428 Sep  6 21:11 8387f035eb45002b69b632f86dd511fcdf84886d02e34fed
 > 
 > Note that this approach is usable for _ANY_ application, and as it
 > requires _NO_ code internal to applications, apps are not vulnerable
 > to there being a one line error that _demolishes_ the integrity of the
 > security scheme.
 
That all sounds like quite solid reasoning to me.  I've taken a security
class, which didn't teach us all that much about how to design secure systems,
but was quite good at showing just how easy it was to make insecure
ones.

Of course, I hope that anyone who encrypts their gnucash data
remembers to also encrypt their swap file . . . 

------------------------------------------------------------
Robert Merkel	                           rgmerk@mira.net

------------------------------------------------------------
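
The closing remark about swap can be checked mechanically. The script below is an added example, not part of the original message: it classifies each active swap area, assuming a Linux system with /proc/swaps and dm-crypt. The function names and the ROOT argument are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original message).
# Assumptions: Linux, where /proc/swaps lists active swap areas and a dm-crypt
# mapping exposes a UUID starting with "CRYPT-" in /sys/block/dm-N/dm/uuid.
# The optional ROOT argument is a hypothetical prefix for running on a test tree.

classify_swap() {
    root=${1:-}
    # Skip the header; remaining fields: Filename Type Size Used Priority
    tail -n +2 "$root/proc/swaps" | while read -r path type _rest; do
        [ -n "$path" ] || continue
        name=${path##*/}
        case "$type:$name" in
            partition:dm-*)
                # Only the top mapping is checked; stacked mappings (for
                # example LVM over dm-crypt) are not followed.
                uuid_file="$root/sys/block/$name/dm/uuid"
                if [ -r "$uuid_file" ] && grep -q '^CRYPT-' "$uuid_file"; then
                    echo "$path encrypted"
                else
                    echo "$path no-dm-crypt"
                fi ;;
            partition:zram*) echo "$path ram-only" ;;
            partition:*)     echo "$path no-dm-crypt" ;;
            # A swap file is only as protected as the filesystem holding it.
            file:*)          echo "$path check-underlying-filesystem" ;;
            *)               echo "$path unknown" ;;
        esac
    done
}

# Succeeds only when every swap area is dm-crypt backed or RAM-only.
swap_is_safe() {
    ! classify_swap "${1:-}" | grep -qv -e ' encrypted$' -e ' ram-only$'
}

# Report on the live system only when asked to.
if [ "${1:-}" = "--check" ]; then
    classify_swap ""
    swap_is_safe "" || echo "warning: some swap is not confirmed encrypted" >&2
fi
```

A `no-dm-crypt` result means only that this check found no dm-crypt mapping directly under the swap area; it does not detect other forms of encryption.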