Hello everybody,
I'd like to share a question, and hope to find a simple answer:
How can FSVS avoid showing passwords to unauthorized people?
Me, *personally*, I think -
1) Passwords should be hashed, or similarly unreadable.
But that's not always possible (e.g. when needed for IMAP verification).
2) If /etc is protected, the repository storing /etc must be, too.
But sometimes that's forgotten, or the history should be viewable by others, too.
3) There's the commit-pipe hook, which can be used to filter out any secret
data.
But that's easy to forget, or to get wrong.
Any ideas? I already thought a bit about that, and could offer making FSVS run as an
ordinary user (or something like that [1]), so that protected files wouldn't get
versioned at all - but that's not ideal, either (as you lose information).
Any ideas? Examples? How do other products solve that?
Regards,
Phil
[1]
The simplest way could be to use a pre-commit-pipe like
sudo -u nobody cat '$1' 2>/dev/null || true
so that protected data would be stored as empty files.
Running FSVS as a different user might work, too (if it ignores all EPERM) - but then
it'd have to be a special user that can write into the repository.
--
Versioning your /etc, /home or even your whole installation?
Try fsvs (fsvs.tigris.org)!
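
Added example, not part of the original post and not FSVS code: a filter of the kind option 3 describes, which blanks secret values and private-key blocks before the file content is stored. It assumes the commit-pipe command receives the file on stdin and that its stdout is what gets committed; the key names, markers and function name are illustrative choices.

```python
#!/usr/bin/env python3
"""Stdin-to-stdout filter: blank secret values before a file is stored."""
import re
import sys

MARKER = "[REDACTED]"
KEY_MARKER = "[REDACTED PRIVATE KEY]"

# "key = value" / "key: value" where the key names a secret; a leading
# "#" or ";" is allowed so commented-out old passwords are caught too.
# The key names are illustrative assumptions, not a complete list.
SECRET_LINE = re.compile(
    r"^([#;\s]*[\w.-]*(?:passw(?:or)?d|secret|api[_-]?key)[\w.-]*\s*[=:]\s*)(\S.*)$",
    re.IGNORECASE,
)
PEM_BEGIN = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
PEM_END = re.compile(r"-----END [A-Z ]*PRIVATE KEY-----")


def redact(lines):
    """Return the lines with secret values and private-key blocks removed."""
    out = []
    in_key = False
    for line in lines:
        body = line.rstrip("\r\n")
        eol = line[len(body):]
        if in_key:
            # Fail closed: drop everything until END, even if it never comes.
            if PEM_END.search(body):
                in_key = False
            continue
        if PEM_BEGIN.search(body):
            in_key = True
            out.append(KEY_MARKER + eol)
            continue
        match = SECRET_LINE.match(body)
        if match:
            body = match.group(1) + MARKER
        out.append(body + eol)
    return out


if __name__ == "__main__":
    sys.stdout.writelines(redact(sys.stdin))
```

The filter keeps key names and file structure, so the history still shows that a setting changed without showing its value. Secrets written in any other form (for example a whitespace-separated "password value" pair) pass through unchanged.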