On 09/11/2010 07:13, Aryeh Friedman wrote: > On Sat, Sep 11, 2010 at 7:07 AM, Aryeh Friedman > <aryeh.fried...@gmail.com> wrote: >>> >>> Firstly this just sounds like a case where the admin needs to provide a >>> equally sound and safe way of making sure everything is cleaned up on >>> logout and is offering a global way of doing it so the developer will >>> not forget. >> >> In this case the admin and developer are the same person... namely at >> the clients request I am the only person allowed to work on the >> project and I just want to make it so I can't accidently do something >> like control-d or something like that and leave a plain text version >> of a project that has a very strict NDA laying around (liquidated >> damages of $250k)... the scenrio is we a are a team (each one of us is >> in diff city) of freelance CS people and all use the same server for >> all our development to make cooperation possible when needed (not in >> this case) have centralized backups, etc. and as mentioned on this one >> project the client has forced me to sign a NDA saying I can't even >> show the code to the other team members without the client's >> permission and thus am storing the repo using security/fuse-encfs, but >> since the version control system (devel/aegis) requires creating a >> development directory that is not encrypted I want to force/remind >> myself to checkin what ever I was working into the encrypted repo when >> I go "home" (it is a home office ;-)) at night or out to lunch >> > > Forgot to mention all these percautions are to make the client > comfortable with letting me take advanatage of the server's > development enviroment instead of spending almost a week configuring > the same env on my desktop machine... namely I trust the other team > members to not look at the code even if it was not encrypted.
In that case would it make sense to just use tmpfs or some other destructive file-system when it gets unmounted. Maybe one-time encryption offered by geli(8) on a mdconfig(8) swap-file for just the source that you checkout. Implement it using amd(8). Don't know if this is a possible scenario but gives you a little more to consider. Regards & good luck, -- jhell,v _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
