This commit is contained in:
parent
9c232bfac0
commit
53455fe723
1 changed files with 29 additions and 0 deletions
|
@ -0,0 +1,29 @@
|
|||
### Please describe the problem.
|
||||
|
||||
A special remote for Google cloud storage would appear to send the developer keys in the clear.
|
||||
Obviously the content itself can be secured with the encryption but sending the auth keys in
|
||||
the clear permits anybody listening (i.e. at a public WiFi access point) to gain r/w access to
|
||||
the user's GCS store.
|
||||
|
||||
### What steps will reproduce the problem?
|
||||
|
||||
Setup a new special remote:
|
||||
|
||||
git annex initremote gcs type=S3 chunk=2MiB encryption=none host=storage.googleapis.com bucket=gitannex
|
||||
...
|
||||
git move --to=gcs blah
|
||||
|
||||
Capture packets. Watch the developer keys go by in the headers. And in this case, see the content too because there's no
|
||||
encryption turned on. But I believe that I know how to fix this.
|
||||
|
||||
I tried to persuade `git annex` to use a SSL connection but without encouraging results:
|
||||
|
||||
git annex initremote gcs type=S3 chunk=2MiB port=443 host=storage.googleapis.com bucket=gitannex
|
||||
initremote gcs (checking bucket...) git-annex: ErrorClosed
|
||||
|
||||
|
||||
### What version of git-annex are you using? On what operating system?
|
||||
|
||||
Debian wheezy, git-annex version: 5.20141024~bpo70+1
|
||||
|
||||
### Please provide any additional information below.
|
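Review bot: In the reproduction steps, `git move --to=gcs blah` is missing `annex` and presumably should read `git annex move --to=gcs blah`, so the steps cannot be followed verbatim as written. The second `initremote` line also changes more than the port (it drops `encryption=none`), and the only result given is `ErrorClosed`; pasting the `--debug` output for that attempt would show whether a TLS connection was attempted at all. The final "additional information" section is empty. A redacted excerpt of the captured request headers would substantiate the claim that the keys travel in the clear, and the sentence "But I believe that I know how to fix this" should either describe the proposed fix or be dropped.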