Forum: CFEngine Help Subject: Re: Thoughts of encrypting the entire Cfengine workspace? Author: msvob...@linkedin.com Link to topic: https://cfengine.com/forum/read.php?3,25714,25762#msg-25762
I appreciate everyone's comments / suggestions on this thread and think its a really healthy discussion for the community. These problems are very real, and I think its worth some consideration. http://thenextweb.com/me/2012/04/26/hackers-take-down-official-linkedin-blog-for-spreading-lies-about-syria Instead of injecting all of this on-disk encryption software into Cfengine, it almost makes sense to leverage existing projects in the open source community -- similar to how Cfengine leverages other open source projects for its multiple database backends (qbdm, tokyocabinet, etc..) http://www.truecrypt.org/ I'm not exactly sure what the best implementation would be for allowing cf-agent to decrypt / access the encrypted data, but a secure method of executing this is probably possible to accomplish. By leveraging existing open source filesystem encryption technologies the bulk of the code probably wouldn't have to live within Cfengine. This is the community. The Cfengine AS corporation is up to do as it wishes, but, I think this would be a huuuuge feature that would stand the Cfengine technology above and beyond the capabilities of its competitors. Thanks Mike _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
