[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Automating backups to an encrypted drive



On Sat, Jan 26, 2008 at 08:56:14 -0800,
  Richard England <rlengland verizon net> wrote:
> I'm not much help in this area but I think the OPs issue is having a 
> script with an embedded password.  If the script has to sudo or su to 
> the correct environment to mount the drive and/or perform the backup to 
> a drive with the encryption scheme the password would be in plain text 
> and therefore compromised.

A more useful answer would be why is the script mounting the device?
It seems it would be more normal to have someone who knows the password
enter it when the device is first plugged in. The script could just check
to see if the device is available when it runs (and send some sort of reminder
if it isn't).
If the answer to the above question is because he doesn't want the encrypted
drive mounted all of the time, then it would be useful to hear what the
threat model is that produces that requirement.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]