[Zope] Re: [Zope-dev] Size of Data.fs - and crypto.

Marcin Kasperski Marcin.Kasperski@softax.com.pl
Mon, 11 Sep 2000 16:39:32 +0200


> 
> Another thing.  Have anyone tried to encrypt all data inside the
> Data.fs file?  I mean, encrypted the data so that not even root can
> access it, only if you have the right passphrase (or whatever) in the
> management interface are you allowed access to the data.
> 

You got some suggestions to rewrite pickling routines.

I have another simple idea: what about leaving zope intact and putting
Data.fs on cryptographic filesystem? There are some implementations
freely available within Linux kernel...

By the way: whichever method to encrypt data you would use, you will
face the same problem:
- either you must manually enter some password after each system or zope
startup 
- or you must put the password (key,seed,.. whatever) somewhere on the
filesystem - where it can be easily read at least by the root.

-- Serwis dla programistów, kącik mieszkaniowy: http://www.mk.w.pl
|
| You have the right to see progress in a running system, proven to work
| by passing repeatable tests that you specify. (Ken Beck's Second      
| Customer Right)