[support] Physical File Encryption
Tapani Tarvainen
drupal at tapanitarvainen.fi
Fri Mar 30 06:39:40 UTC 2012
On Mar 30 09:16, Amit Vyas (vyasamit2007 at gmail.com) wrote:
> Anyone knows about any Encryption solution for physical files?
> My scenario is when user uploads any file OR if I create any file
> programmaticaly then the file should be stored in encrypted formate, when
> anyone want to retrieve the file, it should decrypt and then serve to the
> user. So basically I want a complete file system encryption.
Encrypting entire file systems is pretty standard procedure in most
current Linux distributions (ditto for *BSD or Windows or whatever):
just encrypt the filesystem using operating system tools, Drupal
doesn't need to know about it at all.
On Mar 30 16:36, Gordon Heydon (gordon at heydon.com.au) wrote:
> you could use fuse to mount an encrypted filesystem and point your
> upload directory to that
Yes.
> But local encryption in PHP is like tits on a bull, not much use.
> Since drupal will need the private key to encrypt/decrypt the file
> in the first place, and all the code is in plain text
Yes. There are a few scenarios where it might be useful
(e.g., if the data is mounted from a less-trusted machine
or cloud), but in most cases it's really useless.
Perhaps it would be helpful if you'd clarify exactly what
kind of attacks you're trying to protect against with
encryption.
--
Tapani Tarvainen
More information about the support
mailing list