[rt-users] GPG related question about RT data in the database

Kevin Falcone falcone at bestpractical.com
Tue Jun 17 17:16:35 EDT 2014


On Tue, Jun 17, 2014 at 10:00:06PM +0200, Joop wrote:
> Thanks Kevin for your answer. I didn't link this pref with the
> Decrypt/Encrypt links in the transactions.

Doc patches welcome; I had to grep to convince myself it was the only
thing.

> Follow up question on this is: It is the admins responsibility to use
> the correct RT permissions to make sure not everyone can see the content
> of all tickets.

Correct.  You do also need ModifyTicket, so just ShowTicket isn't
enough to decrypt the message and see it.

> My first reaction, and my colleagues' too, was that if someone doesn't
> have a PGP key they shouldn't be able to see the ticket, but that is
> not true. Ticket content is visible because the queue private key is
> available, isn't it?
> 
> So the correct workflow would be: Create Queue_with_sensitive_data, set
> up PGP on it, create a group and assign RT privileges to it, put the
> correct people in the group.

Something like that.  This option is really there because people
didn't trust the DBA or wanted encrypted data in the backups.  But in
reality, if someone has root access to your webserver, they can get at
your keyring, etc etc.

Encrypting to a single user key isn't currently supported by this,
might be a good idea, but could end up going horribly wrong if you
think through a user termination.

-kevin
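The access decision described in this exchange, written out as an added example (this is not code from the thread or from RT itself): a toy model in which decryption of queue-encrypted content is gated only by the RT rights ShowTicket and ModifyTicket on the queue, granted through group membership, while whether the user owns a PGP key of their own plays no part. The right names are RT's; the Queue and User classes, the group names and the audit helper are assumptions made for the example.

```python
"""Toy model of who can read queue-encrypted ticket content in RT.

Constructed example, not RT's own code. ShowTicket and ModifyTicket are
real RT right names; the data model and helper names are assumptions.
"""
from dataclasses import dataclass, field


@dataclass
class Queue:
    name: str
    encrypted: bool                       # queue has its own PGP key; RT decrypts with it
    # right name -> set of group names granted that right on this queue
    rights: dict = field(default_factory=dict)


@dataclass
class User:
    name: str
    groups: set
    has_own_pgp_key: bool = False         # not consulted for decryption (queue key is used)


def has_right(user: User, queue: Queue, right: str) -> bool:
    """A user holds a right on the queue if any of their groups was granted it."""
    return bool(user.groups & queue.rights.get(right, set()))


def can_view_decrypted(user: User, queue: Queue) -> bool:
    """True if RT would show this user the decrypted content of a ticket in `queue`.

    Plain queues need only ShowTicket. For an encrypted queue the thread's
    point applies: ShowTicket alone is not enough, ModifyTicket is also
    required, and the user's own key is irrelevant because the queue's
    private key is what RT decrypts with.
    """
    if not has_right(user, queue, "ShowTicket"):
        return False
    if not queue.encrypted:
        return True
    return has_right(user, queue, "ModifyTicket")


def audit_readers(users: list, queue: Queue) -> list:
    """Names of users who can read decrypted content in `queue`, sorted.

    This is the check an admin following the suggested workflow (sensitive
    queue + dedicated group + rights) would want to run after setting it up.
    """
    return sorted(u.name for u in users if can_view_decrypted(u, queue))


# Constructed sample data: a sensitive queue where only 'secure-staff' may decrypt,
# and a wider 'helpdesk' group that can see tickets exist but not modify them.
SENSITIVE = Queue(
    name="Queue_with_sensitive_data",
    encrypted=True,
    rights={
        "ShowTicket": {"helpdesk", "secure-staff"},
        "ModifyTicket": {"secure-staff"},
    },
)
SAMPLE_USERS = [
    User("alice", {"secure-staff"}, has_own_pgp_key=False),  # no own key, still reads
    User("bob", {"helpdesk"}, has_own_pgp_key=True),         # own key, cannot decrypt
    User("carol", set()),                                     # no rights at all
]

if __name__ == "__main__":
    for u in SAMPLE_USERS:
        print(f"{u.name}: can view decrypted = {can_view_decrypted(u, SENSITIVE)}")
    print("readers:", audit_readers(SAMPLE_USERS, SENSITIVE))
```

The model makes the two points from the thread checkable: bob's personal PGP key does not get him the content, and alice reads it without one, because membership in the group holding both rights on the queue is the only gate.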