> > > I think that client is probably worried about regular users > > > that will have access to the file system, rather than a > > > determined external hacker. > > > > How does the encrypting improve the security of storing the > > files in a directory, which is only readable by selected users, then? > > > > They can only manage to read them, if they obtain that > > particular user's UID. But if they do it, they can probably > > also read /proc/N/mem, effectively bypassing the encryption. > > > I was assuming that the files were sitting in a shared file system > somewhere and were world readable. Now I realise I was going out on a > limb trying to guess the clients reasoning, but I couldn't think of any > another reasons that explained the original request. In my scenario, the files are not in a shared location, per se. They are being sent by an outside source to a sftp server, and then downloaded to an internal machine where the processing will be done. The production machine won't be multi-user per se (we'll be the only ones on it). We're also more interested in 'external cracker' than 'internal sabotage'. This was a decision made by the client as well. I have made it clear to my client time and time again that the security of that box will make a bigger difference in the long run than PGP encrypting the files on it ever will (they implemented this PGP everything policy before any other security policies). What I'm trying to do is determine for the future the best way to keep files encrypted while still being able to access them through batch jobs (no human interaction), and process their data (un-encrypt them only while using them, but not storing a temporary un-encrypted form of the file). It sounds like having a separate 'secure' box to handle the encryption seems like a good way to go. This at least centralizes ones private key(s), and thus administration. -- // Andrew MacKenzie | http://www.edespot.com // An intellectual snob is someone who can listen to the William Tell // Overture and not think of The Lone Ranger.
This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 11:20:01 PST