git-annex/doc/privacy.mdwn

45 lines
1.9 KiB
Text
Raw Normal View History

2013-06-26 18:45:12 +00:00
git-annex users entrust it with data that is often intensively private.
Here's some things to know about how to maintain your privacy while using
git-annex.
## browsing this web site
This website supports https. [Use it.](https://git-annex.branchable.com/privacy/)
2013-06-26 18:45:12 +00:00
## repository contents
In general, anyone who can clone a git repository gets the ability to see
all current and past filenames in the repository, and their contents.
It's best to assume this also holds true for git-annex, as a general rule.
There are some obvious exceptions: If you `git annex dropunused` old
content from all your repositories, then it's *gone*. If you `git annex
move` files to a offline drive then only those with physical access can see
their content. (The names of the files are still visible to anyone with a
clone of the repository.)
git-annex can encrypt data stored in special remotes. This allows you to
store files in the cloud without exposing their file names, or their
contents. See [[design/encryption]] for details.
2014-01-14 06:15:09 +00:00
When using the shared encryption method, the encryption key gets stored
2013-06-26 18:45:12 +00:00
in git, and so anyone who has a clone of your repository can decrypt files
from the encrypted special remote.
When using encryption with a GPG key or keys, only those with access to the
GPG key can decrypt the content of files stored in an encrypted special
remote.
## bug reporting
2014-05-30 19:31:49 +00:00
When you file a [[bug|bugs]] report on git-annex, you may need to provide
2013-06-26 18:45:12 +00:00
debugging output or details about your repository. In general, git-annex
does not sanitize `--debug` output at all, so it may include the names of
files or other repository details. You should review any debug or other
output you post, and feel free to remove identifying information.
If you prefer not to post information publically, you can send a GPG
2013-06-26 18:45:12 +00:00
encrypted mail to Joey Hess <id@joeyh.name> (gpg key ID 2512E3C7).
Or you can post a public bug report, and send a followup email with private
details.