syncany-team team mailing list archive

[Philipp Heckel <philipp.heckel@xxxxxxxxx>]

Well there are of course two ways:
(a) server-based access control
(b) cryptographic access control

Case (a) is the one I was talking about. It's the easiest variant and
the only way to make sure that your data does not get deleted by some
unauthorized user. But at the risk of having to share the password
with the server. Of course there are ways to only let the client know
the secret and make the server just the middle man, but they are not
easy to implement ...

Case (b) is what you are referring to. All users with the storage
credentials (e.g. username/password to the IMAP account) have access
to all files, but can only decrypt a subset of them. This is also not
a simple concept since one has to think about granting/revoking
previleges to files. It's certainly possible, but not the focus at the
moment. Feel free to experiement :-D

If you're interested, I have some interested papers regarding this topic.

Cheers,
Philipp


On Tue, Jun 21, 2011 at 10:49 PM, code M <complexm@xxxxxxxxx> wrote:
> mmh, maybe stupid thought, but why should IMAP not be able to just
> share some files? if the date/time stamp is not important, anyone
> could just encrypt a message with some elliptical public/private key and
> share that file with some special group/person by deleting the original
> file/message and creating a crypted version of it? i do admit that this
> is a bad misuse of IMAP, but shouldnt that work??
>
> regards,
> aydin
>
>
> On 21 June 2011 22:21, Philipp Heckel <philipp.heckel@xxxxxxxxx> wrote:
>> Hi there,
>>
>> You have to define what you mean with "folder sharing". If you mean
>> being able to share a repository with someone, that is already
>> possible. If you mean only a sub-directory, that probably won't be
>> possible due to heterogeneity of the storage types.
>>
>> Take IMAP, for instance: if you have access to an IMAP account, there
>> is no way of restricting the access to only a few files. With FTP or
>> S3, however, this _would_ be possible. However, due to their entirely
>> different concepts, I don't think that folder sharing will ever be
>> implemented -- at least not without a server component.
>>
>> If we had a trusted server, we could simply let the server do "access
>> control". This will probably come at some point. But not in the near
>> future.
>>
>> @Jason: two users never write the same file. No locking, no race
>> conditions. :-D
>>
>> Cheers,
>> Philipp
>>
>> On Tue, Jun 21, 2011 at 9:50 PM, Jason Irwin <jasonirwin73@xxxxxxxxx> wrote:
>>> I don't want to reply publicly as I'm not really a spokesperson for the
>>> project.
>>>
>>> But surely this is down the repository used?  If multiple users sync to a
>>> folder where they have permissions, then they all should be kept in step.
>>> Although I could see there being issues with multiple-updates and race
>>> conditions.  That could be resovled by security settings (only letting on
>>> user push, but allowing all others to pull).
>>>
>>> Just my thoughts.
>>>
>>> J.
>>>
>>>
>>> --
>>> Mailing list: https://launchpad.net/~syncany-team
>>> Post to     : syncany-team@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~syncany-team
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>
>> --
>> Mailing list: https://launchpad.net/~syncany-team
>> Post to     : syncany-team@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~syncany-team
>> More help   : https://help.launchpad.net/ListHelp
>>
>