From ed44ee24442eae97b925d0512b807b99f55c86e4 Mon Sep 17 00:00:00 2001 From: Olly Betts Date: Mon, 15 Aug 2016 00:41:29 +0100 Subject: [PATCH] Re: [PATCH v4 16/16] add "notmuch reindex" subcommand --- b2/c52111b769ebac56d0a0738b40b1f5c58eab09 | 90 +++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 b2/c52111b769ebac56d0a0738b40b1f5c58eab09 diff --git a/b2/c52111b769ebac56d0a0738b40b1f5c58eab09 b/b2/c52111b769ebac56d0a0738b40b1f5c58eab09 new file mode 100644 index 000000000..0cdaa08c0 --- /dev/null +++ b/b2/c52111b769ebac56d0a0738b40b1f5c58eab09 @@ -0,0 +1,90 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id A740A6DEB51A + for ; Sun, 14 Aug 2016 17:04:55 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: -2.356 +X-Spam-Level: +X-Spam-Status: No, score=-2.356 tagged_above=-999 required=5 + tests=[AWL=-0.055, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] + autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 5cUgz7WEmCPT for ; + Sun, 14 Aug 2016 17:04:46 -0700 (PDT) +X-Greylist: delayed 1284 seconds by postgrey-1.35 at arlo; + Sun, 14 Aug 2016 17:03:13 PDT +Received: from atreus.tartarus.org (atreus.tartarus.org [80.252.125.10]) + by arlo.cworth.org (Postfix) with ESMTPS id 67C536DEA05E + for ; Sun, 14 Aug 2016 17:03:13 -0700 (PDT) +Received: from olly by atreus.tartarus.org with local (Exim 4.69) + (envelope-from ) + id 1bZ521-0005HY-Fy; Mon, 15 Aug 2016 00:41:29 +0100 +Date: Mon, 15 Aug 2016 00:41:29 +0100 +From: Olly Betts +To: David Bremner +Cc: Daniel Kahn Gillmor , + Notmuch Mail +Subject: Re: [PATCH v4 16/16] add "notmuch reindex" subcommand +Message-ID: <20160814234129.GG14865@survex.com> +References: <1467970047-8013-1-git-send-email-dkg@fifthhorseman.net> + <1467970047-8013-17-git-send-email-dkg@fifthhorseman.net> + <87h9an3rc0.fsf@maritornes.cs.unb.ca> +MIME-Version: 1.0 +Content-Type: text/plain; charset=us-ascii +Content-Disposition: inline +In-Reply-To: <87h9an3rc0.fsf@maritornes.cs.unb.ca> +User-Agent: Mutt/1.5.21 (2010-09-15) +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Mon, 15 Aug 2016 00:04:56 -0000 + +On Mon, Aug 15, 2016 at 07:42:39AM +0900, David Bremner wrote: +> Daniel Kahn Gillmor writes: +> > +Supported options for **reindex** include +> > + +> > + ``--try-decrypt`` +> > + +> > + For each message, if it is encrypted, try to decrypt it while +> > + indexing. If decryption is successful, index the cleartext +> > + itself. Be aware that the index is likely sufficient to +> > + reconstruct the cleartext of the message itself, so please +> > + ensure that the notmuch message index is adequately +> > + protected. DO NOT USE THIS FLAG without considering the +> > + security of your index. +> +> What can we say about re-indexing without the flag, when the user has +> previously indexed cleartext? I guess this is at least partly a question +> for Olly: if we delete terms from a xapian document, how recoverable are +> those terms and positions? I suppose it might depend on backend, but +> does deleting terms provide at least same level of security as deleting +> files in modern file systems + +That seems a fair assessment. Probably the main extra security you'd +get is that there are less likely to be existing tools to get at the +data, and that it's spread over more places so it's harder to locate it +all so you can reconstruct the plain text (whereas if a deleted file +contained the plain text, it would be fairly easy to locate if you can +guess part of it, or at least write a bit of code to recognise likely +candidates). + +> (i.e. not much against determined state level actors, but good enough +> to defeat most older brothers) + +"Good enough against big brother, but not Big Brother" + +Cheers, + Olly -- 2.26.2