Hello Pierre,
Am 2007-04-25 00:17:03, schrieb Pierre THIERRY:
> Scribit Michelle Konzack dies 24/04/2007 hora 16:40:
> > I would suggest to add a new header like "Crypted: <gpg_key>" and then
> > crypt the data.tar.gz (in the Debian package).
>
> I think you're targetting the wrong layer of the system. If many
> packages contain so much sensitive data, it would be easier to encrypt a
> tarball or part of a FS where packages are read.
The packages are in general on the Server!
Like all other ones.
> As far as D-I is concerned, you could probably easily add a udeb to deal
> with decrypting and unpacking of that senstive part, and leave apt and
> dpkg untouched.
You mean, put the crypred tarball into the DEB? This mean, I will
install stuff where the System (dpkg) do not know aout it.
> On the other hand, if not all the Debian package is sensitive, you
> better be encrypting data inside it, and have the application or an
> helper decrypt it when needed, maybe in maintainer scripts.
I was trying this too, but Sometimes I get conflicts with Packages
containing the same files. This is, WHY I would let dpkg/apt do
the stuff
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSN LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature