Re: Automatic encryption of stored messages

28.04.2010 04:27, Dan White wrote:
> On 27/04/10 10:40 -0400, Mikhail T. wrote:
>> Is there a way to encrypt all of the Cyrus' user-specific files on the disk? So that somebody breaking in -- or stealing the server -- has no access to the messages (and other data) unless a user's password is also available?
>
> Interesting question! info-cyrus list is probably more appropriate for
> this question.

Having to subscribe to yet another mailing list, just to be able to send an occasional question or idea, is a turn-off... If this is off-topic on this list, I'll just shut up...

>>    * A user logs in using a pam-module, which creates a symlink such as
>>      /tmp/cyruspw/user -> somehash(salt+password+user).
>
> The PAM requirement would force the use of saslauthd, and plaintext only
> authentication mechanisms, which potentially degrades the over-the-wire
> security between the client and server.

Whichever way the user's password (or some function thereof) is communicated to the server -- as long as the communicated string remains constant... Use of PAM is just a possible implementation idea -- a way to off-load some of the changes from the Cyrus' code into a separate little tree (that of the pam-module). The only degradation I can see is that the methods like OTP would no longer work... I don't think this is a big loss, if the entire traffic is SSL-protected. But that's up to the admin...

> Another opt-in approach would be for users to encrypt all private messages
> within the MUA using PGP/GPG.

That approach exists now, but requires each user and all of their correspondents to set up PGP for themselves. It also requires cooperation from the MUA, of course. My way is purely on the server and transparent to the users.

Yours,
-mi
