Forum: CFEngine Help Subject: Re: Thoughts of encrypting the entire Cfengine workspace? Author: mikesphar Link to topic: https://cfengine.com/forum/read.php?3,25714,25763#msg-25763
Truecrypt is a solid product but it operates on the premise of user intervention. A human agent has to enter a password to allow access to encrypted data for a session. At that point the data is accessible on the system in decrypted form to someone with root access. (I'm happy to be corrected on this, but this is my understanding.) It doesn't solve the problem of sending sensitive data to what is essentially an untrusted client. (We're saying that people have root access to client machines whom we do not trust, be they developers or malicious hackers.) We're trying to engineer a way to send data to people that we don't want them to see. In my opinion the entire premise is flawed and is ultimately an unsolvable problem. All you can do is make the system more and more complex and more and more inconvenient which will only ever discourage the casual snooper. (Again that DRM metaphor is apt.) In my opinion the proper approach to securing information from an untrusted client is to not send that client the secure information at all. If we were going to suggest fundamental changes to how cfengine operates I think the better approach would be to consider ways for the policy server to deliver custom policies to clients that contain only policies relevant to that client at that time. I don't necessarily agree th is is good or necessary, but I think it's a better and more achievable approach than encryption. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
