StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POMake setup for encrypted individual files in a C++ project
primarykey
Id
9163952
data
AcceptedAnswerId
9622836
AnswerCount
1
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2012-02-06T16:59:08.717
FavoriteCount
1
LastActivityDate
2012-03-08T18:28:30.880
LastEditDate
LastEditorUserId
0
OwnerUserId
275669
ParentId
0
PostTypeId
1
Score
0
ViewCount
264
LastEditorDisplayName
text
Body
We have a C/C++ project where we wish to encrypt (with GPG) every single source file, and have make (specifically, GNU Make) seamlessly work (as it does now with unencrypted source). If we encrypt only the C or C++ files, this seems fairly easy to accomplish with a rule like this: <pre><code>%.o : %.cc.gpg %.hh $(GPG) --decrypt $< | $(CXX) $(CFLAGS) -x c++ -c -o $@ - </code></pre> However, if we start encrypting header files, it gets a lot trickier, as the C file may #include any number of headers. So it seems to me that first I need to generate a dependency list, then decrypt every one that is encrypted, and compile. Ideally, the decryption would be done in-memory, rather than leaving decrypted files laying around while compilation takes place. Some notes, in anticipation of the comments I'll get: <ul> <li>The users' workflow will involve GPG plugins for their editor, but the rest should be as seamless as possible (i.e. traditional commandline-based Linux svn + make + gcc workflow)</li> <li>We are using subversion for source control. We know and are OK with source being stored as binary blobs (as well as the implications of this, e.g. breaking svn diff)</li> <li>The subversion repo lives on an encrypted filesystem (LUKS), and access is only through https</li> <li>This is a management requirement</li> <li>In my web research of this problem, I've seen a lot of people argue against encrypting every source file. As I said, it's a management requirement. But one thing that is not addressed by these arguments is keeping the source safe from sysadmins. Yes, at some point you have to trust people, but our source is kind of like the recipe to Coke: if it is uncontrolled, it could literally ruin the company. So why take chances?</li> </ul>
Tags
<c++><svn><encryption><gnu-make>
Title
Make setup for encrypted individual files in a C++ project
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USMatt
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POMake setup for encrypted individual files in a C++ project
 UserUserId
 USRudi
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.