mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2025-01-10 17:24:41 +00:00
3eb93acc18
This commit re-organizes all the source distribution contents to present users with the simple script, while moving the rest in extras. Also autoconf/automake scripts were removed, back to minimalism. The rationale of this change is that Tomb really only consists of a script and users with no extra needs should just be presented with it with no need for anything else. Any other thing on top of the Tomb script is an extra and can be even distributed separately or integrated in distributions.
104 lines
3.5 KiB
Org Mode
104 lines
3.5 KiB
Org Mode
|
|
TODO and Roadmap for Tomb
|
|
|
|
you are welcome to send patches to jaromil@dyne.org
|
|
|
|
Issue tracking is now handled via GitHub, see http://github.com/dyne/Tomb
|
|
|
|
Old roadmap notes:
|
|
|
|
* DONE Release 1.0 :100%:
|
|
|
|
** TODO [#C] make one single status handle more tombs
|
|
** TODO [#C] decorate creation wizard with ASCII art
|
|
|
|
** DONE [#B] remove gnome dependencies from tomb core :jaromil:
|
|
|
|
gksu is deeply connected to gnome in all its packages. actually
|
|
libgksu2-dev is and that doesn't helps.
|
|
|
|
gksu binary is a very simple and dirty code, we should have
|
|
tomb-ask to use the libgksu library for privilege escalation, but
|
|
then this would add the dependency into C linking...
|
|
|
|
the solution is for now to detect if gksu is present, else fallback
|
|
to sudo and provide it an interface to ask the password graphically
|
|
via pinentry
|
|
|
|
** DONE [#B] SLAM tomb and kill all applications using it :anathema:
|
|
|
|
using lsof and fuser(1) we can do that easily
|
|
|
|
we should ask user confirmation when closing a tomb if to slam
|
|
|
|
tomb-askpass will become tomb-ask managing such user interaction,
|
|
using libassuan and pinentry from the gpg project.
|
|
|
|
** DONE [#B] fix operation without DISPLAY (over SSH) :hellekin:
|
|
** DONE [#A] steganography to store tomb key :jaromil:
|
|
|
|
steghide can hide keys in JPG, BMP, WAV or AU files it also takes
|
|
care of compressing end encrypting the key file so we don't
|
|
necessarily need gpg... it has Serpent and AES256 (CBC)
|
|
|
|
** DONE [#A] use a posix thread instead of fork for status close :jaromil:
|
|
** DONE [#A] use a config file to map bind mounts :jaromil:
|
|
|
|
done as file 'bind-hooks' inside tom. also 'post-hooks' is executed
|
|
as user in case symlinks are needed and so
|
|
|
|
using mount -o bind we can trigger actions to be made after mounting
|
|
a tomb so that personal directories appear in the home folder.
|
|
|
|
** DONE [#A] desktop integration the freedesktop way :jaromil:
|
|
** DONE [#B] debian packaging with desktop integration :jaromil:
|
|
** DONE [#A] Avoid overwriting key on exhume on same filename
|
|
** DONE [#A] Should refuse opening a tomb that is already open :jaromil:
|
|
|
|
|
|
|
|
* TODO Release 2.0 :00%:
|
|
|
|
Must be 100% backward compatible with tombs created with 1.0
|
|
|
|
** New features
|
|
|
|
*** [#A] system to split keys in parts (ssss)
|
|
*** [#A] use inotify on tomb
|
|
|
|
inotify can also count when was the last time tomb was used and
|
|
unmount it automatically after a timeout, see how much free space
|
|
is left and warn when the space is almost finished
|
|
|
|
*** [#A] udev rules to avoid usb automount of keyplug in gnome
|
|
|
|
*** [#A] sign and verify tomb script integrity (executed as root)
|
|
*** TODO [#B] Internationalization using gettext :jaromil:
|
|
|
|
Started generating the strings, still need to figure out how to
|
|
install it
|
|
|
|
*** [#B] make a gnome tomb undertaker using gnome-druid in glade
|
|
*** [#B] tomb locksmith for key management
|
|
a graphical tool or text wizard to move keys in/out steganography
|
|
as well split them
|
|
|
|
*** [#B] transport keys and integrity checksums on qrcodes
|
|
|
|
*** [#B] analyse and show tomb entropy using libdisorder
|
|
|
|
*** [#B] indeep security analysis of possible vulnerabilities
|
|
*** [#C] more gtk dialogs for configurations? keep it minimal!
|
|
|
|
|
|
* TODO Porting to Win$loth
|
|
|
|
using FReeOTFE http://www.freeotfe.org
|
|
|
|
or at least make it compatible with http://www.sdean12.org/SecureTrayUtil.htm
|
|
|
|
* TODO Porting to Apple/OSX
|
|
|
|
still to be investigated what's there that supports cryptsetup-luks volumes
|
|
|