Support for OS X versioning is spreading among apps (e.g., TextWrangler has just added this feature as of version 4.5), but it is unclear what the security implications of this are. For example, if I use an app to store important or sensitive information, I will make sure that the file is on a password protected, encrypted volume; but I worry that OS X versioning might circumvent this by storing versions in an un-secure form and location.
Where does OS X versioning store versions? Is this location secure and encrypted?
Best Answer
Versions are stored on the same physical / logical volume as the original. This Q&A has all the technical details, but in short, look in the root user owned folder
/.DocumentRevisions-V100
on each volume. If you create a disk image, the user that mounts the disk image normally owns the/Volumes/whatever/.DocumentRevisions-V100
directory where changes to documents on that volume are stored.So - if that volume is FileVault encrypted (or a secure disk image) then the version is as secure as the original.
When you copy a file by attaching it, you only send the current saved copy - not any previous versions - so then again - it's only as secure (or not) as the medium into which you send that file.
So - versions doesn't do any additional encryption and it's really up to each application to decide whether it enables or disables versions and whether the data it writes is also obfuscated / encrypted - but the presence of versions neither adds nor subtracts security to a system.