[CMake] Storing and auto-decrypting sensitive files in cmake
SAFELY and SANELY
Gavin Beatty
gavinbeatty at gmail.com
Mon Jun 18 09:37:21 EDT 2007
On 18/06/07, Gavin Beatty <gavinbeatty at gmail.com> wrote:
> The problem stems from storing configs in a git repository. Here, all
> files are either chmoded 0655 or 0755 meaning anyone knowing where to
> look can find my wpa2 passphrase. What I would _like_ is for ordinary
> user gavin (who owns the repository), to be able to `sudo make
> install`, be asked for the symmetric key passphrase for the file (via
> gpg), cmake to install the decrypted file and remove it post install.
> This way I only have to store the encrypted file in the repository and
> the unfortunately permissive permissions are not an issue.
>
> Thanks for your tips.
>
> On 17/06/07, Jack Kelly <endgame.dos at gmail.com> wrote:
> > Gavin Beatty wrote:
> > > Hello,
> > >
> > > Apologies if this is silly/misplaced/misguided.
> > >
> > > I'd like a way to automate decrypting (via gpg) a file, installing the
> > > decrypted form and removing the temporary decrypted file from the
> > > cmake dir.
> > >
> > > I have tried:
> > > <code>
> > > MACRO(ETC_WPA_INSTALL src)
> > > EXEC_PROGRAM(gpg
> > > ARGS -o ${src} -d "${src}.encrypted"
> > > )
> > > INSTALL(FILES ${src}
> > > DESTINATION /etc/wpa_supplicant
> > > PERMISSIONS OWNER_READ OWNER_WRITE
> > > RENAME wpa_supplicant.conf
> > > )
> > > FILE(REMOVE ${src})
> > > ENDMACRO(ETC_WPA_INSTALL src)
> > > </code>
> > >
> > > but the INSTALL doesn't actually run until `make install` (as
> > > expected) whereas everything else does. So I get a decrypted file
> > > which is immediately removed when I run `cmake .`! How silly of me
> > >
> > > Is there a way to have the decryption as a dependency of install
> > > target and have the removal at the end also?
> > >
> > > How would you implement this?
> >
> > Something to think about:
> > You want to decrypt and install the file without leaving it around in
> > the build dir. Why? If you're doing an install, the person installing it
> > should be root and therefore trustworthy (they'll have read access to
> > /etc/wpa_supplicant.conf, anyway). Then there's the problem of the
> > decryption key. If your build system can get this key, surely the user
> > can, too.
> >
> > Killing the make process at the right moment would leave the decrypted
> > file lying around, as well.
> >
> > Is what you think you want what you actually need?
> >
> > Perhaps you should look at INSTALL(CODE "<Some CMake Code>") which
> > executes CMake code during installation. I'll stab in the dark here with:
> >
> > FIND_PROGRAM(INSTALL_EXECUTABLE install)
> > IF(NOT INSTALL_EXECUTABLE)
> > # Die, somehow
> > ENDIF(NOT INSTALL_EXECUTABLE)
> >
> > FIND_PROGRAM(GPG_EXECUTABLE gpg)
> > IF(NOT GPG_EXECUTABLE)
> > # Die
> > ENDIF(NOT GPG_EXECUTABLE)
> >
> > MACRO(ETC_WPA_INSTALL FILE)
> > EXEC_PROGRAM(${GPG_EXECUTABLE} ARGS -o ${FILE} -d ${FILE}.encrypted)
> > EXEC_PROGRAM(${INSTALL_EXECUTABLE) -m 600 ${FILE}
> > /etc/wpa_supplicant/wpa_supplicant.conf)
> > FILE(REMOVE ${FILE})
> > ENDMACRO(ETC_WPA_INSTALL)
> >
> > INSTALL(CODE "ETC_WPA_INSTALL(file)")
> >
> > This isn't so great because it depends on an install program, but it
> > might get you thinking.
> >
> > -- Jack
> > _______________________________________________
> > CMake mailing list
> > CMake at cmake.org
> > http://www.cmake.org/mailman/listinfo/cmake
> >
>
>
> --
> www.mathsoc.com
>
--
www.mathsoc.com
More information about the CMake
mailing list