[ZODB-Dev] Query Regrading ZODB FileStorage(.fs file)
Tino Wildenhain
tino at wildenhain.de
Sat Dec 31 18:45:00 EST 2005
tav schrieb:
>> Why is it significantly easier to protect the key[s]
>> used for the encryption than the storage itself?
>
>
> one could always passphrase-protect the key, i.e. use symmetric encryption.
>
> admittedly, this could potentially be brute-forced, but ... should be
> good enough for most purposes?
>
And how does your Application (Zope) access the storage?
Exactly. It needs the key - if it has the key - the "attacker"
can just read the data thru the application.
In the end this does not buy you anything but overhead.
If you want to encrypt, just use a crypted filesystem as
DM already suggested. Best performance, best transparency
and well tested.
More information about the ZODB-Dev
mailing list