On 06 Sep 2000 11:59:50 EDT, the world broke into rejoicing as
Derek Atkins <[EMAIL PROTECTED]> said:
> Why not just use a crypto filesystem? PGP (and gpg) are useful for
> encrypting files for transmission, but really should not be used for
> long-term data storage. You should be using data-storage encryption
> for that.
That's a good thought...
There's a whole lot of merit to installing something like CFS
<http://fire.csua.ucla.edu/security/#cfs> that takes a directory and
mounts it using an NFS interface on /crypt, thus...
% cmkdir ~/private.files
Key: [my secret key]
Again: [my secret key]
% cattach ~/private.files private
Key: [my secret key]
% mv mygnucashfile.xac /crypt/private
% ls -l /crypt/private
total 58
-rw-rw-r-- 1 cbbrowne cbbrowne 57420 Sep 6 21:11 mygnucashfile.xac
% ls -l ~/private.files
total 58
-rw-rw-r-- 1 cbbrowne cbbrowne 57428 Sep 6 21:11
8387f035eb45002b69b632f86dd511fcdf84886d02e34fed
Note that this approach is usable for _ANY_ application, and as it
requires _NO_ code internal to applications, apps are not vulnerable
to there being a one line error that _demolishes_ the integrity of the
security scheme.
--
[EMAIL PROTECTED] - <http://www.ntlug.org/~cbbrowne/crypto.html>
Pound for pound, the amoeba is the most vicious animal on earth.
_______________________________________________
gnucash-devel mailing list
[EMAIL PROTECTED]
http://www.gnumatic.com/cgi-bin/mailman/listinfo/gnucash-devel
