[ZODB-Dev] Encrypted Storage / XML Documents

John J Lee jjl@pobox.com
Sat, 5 Apr 2003 17:32:17 +0100 (BST)


On Sat, 5 Apr 2003, Dieter Maurer wrote:
> John J Lee wrote at 2003-4-4 15:47 +0100:
>  > On Mon, 31 Mar 2003, Nick Pavlica wrote:
>  >
>  > >   1) Is there an encrypted or secure storage for ZODB?  I want to protect the
>  > > data in the storage, even if the user gains full OS access to it.
>  >
>  > That sounds hard / impossible.  I think you need to be clear about
>  > precisely what you're trying to achieve.
>
> I think Toby has experience with something like this.
>
>   If I understood him correctly, he simply runs Zope on an encrypted
>   file system.

But, as I said in my reply, that won't help Nick achieve protection of his
data in the event of 'full OS access' by an unauthorized person.  It does
help if somebody arrives with a screwdriver and walks off with the
server's hard drive, though (just make sure you've thought about
encrypting any swap & /tmp, etc. as well as the filesystem where your
Storage lives).  Even then, if somebody has physical access, it's ten
minutes' work to reboot and install some malware that will either give the
cracker root access or install a password / key sniffer.  If you don't
notice the reboot, or attribute it to something less malign, you're in
trouble.  Alternatively, without rebooting, it may still be easier to log
in locally than remotely, and then just read the data off the
already-mounted encrypted filesystem.

IMHO, Bruce Schneier's 'Secrets and Lies' is v. good to get a sense of the
real-world risks and countermeasures of computer / network security.


John
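
The swap and /tmp point in the message above can be checked mechanically. The following is an added example, not part of the original post: it reports whether swap, /tmp and the Storage directory sit on a dm-crypt mapping, and treats a tmpfs /tmp as exposed whenever swap is plaintext, since tmpfs pages can be swapped out. It assumes a Linux host, input in the form of `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINT` and `/proc/mounts`, and a hypothetical Storage path `/var/zodb`; the sample data is constructed.

```python
import re

# Constructed sample of `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINT` (assumed Linux host).
LSBLK = '''\
KNAME="sda" PKNAME="" TYPE="disk" MOUNTPOINT=""
KNAME="sda1" PKNAME="sda" TYPE="part" MOUNTPOINT="/"
KNAME="sda2" PKNAME="sda" TYPE="part" MOUNTPOINT="[SWAP]"
KNAME="sda3" PKNAME="sda" TYPE="part" MOUNTPOINT=""
KNAME="dm-0" PKNAME="sda3" TYPE="crypt" MOUNTPOINT=""
KNAME="dm-1" PKNAME="dm-0" TYPE="lvm" MOUNTPOINT="/var/zodb"
'''
# Constructed sample of /proc/mounts; /var/zodb is a hypothetical Storage location.
MOUNTS = '''\
/dev/sda1 / ext4 rw 0 0
/dev/mapper/vg-zodb /var/zodb ext4 rw 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
'''

def parse_lsblk(text):
    """Return one dict per line of lsblk key="value" pairs output."""
    return [dict(re.findall(r'(\w+)="([^"]*)"', l)) for l in text.splitlines() if l.strip()]

def on_crypt(kname, rows):
    """True if the device, or every parent chain beneath it, is a dm-crypt mapping."""
    entries = [r for r in rows if r["KNAME"] == kname]
    if any(r["TYPE"] == "crypt" for r in entries):
        return True
    parents = [r["PKNAME"] for r in entries if r["PKNAME"]]
    return bool(parents) and all(on_crypt(p, rows) for p in parents)

def audit(lsblk_text, mounts_text, paths):
    """Map each swap device and each path to 'encrypted' or 'plaintext' (at rest only)."""
    rows = parse_lsblk(lsblk_text)
    swaps = [r["KNAME"] for r in rows if r["MOUNTPOINT"] == "[SWAP]"]
    result = {"swap:" + s: "encrypted" if on_crypt(s, rows) else "plaintext" for s in swaps}
    swap_ok = all(v == "encrypted" for v in result.values())
    fstypes = {f[1]: f[2] for f in map(str.split, mounts_text.splitlines()) if len(f) >= 3}
    for path in paths:
        # Longest mount point that contains the path is the one that holds it.
        mp = max((m for m in fstypes if path == m or path.startswith(m.rstrip("/") + "/")), key=len)
        if fstypes[mp] == "tmpfs":
            ok = swap_ok  # tmpfs lives in RAM, but its pages can be written to swap
        else:
            ok = any(r["MOUNTPOINT"] == mp and on_crypt(r["KNAME"], rows) for r in rows)
        result[path] = "encrypted" if ok else "plaintext"
    return result

if __name__ == "__main__":
    print(audit(LSBLK, MOUNTS, ["/tmp", "/var/zodb"]))
```

An "encrypted" result here covers only the stolen-disk case; it says nothing about a logged-in user reading the already-mounted filesystem.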