Mike,
The general answer to this, at least from the perspective of a
paranoid user, is that it is not possible in a UNIX environment to
achieve this. Since a the data structures for the mounted filesystem,
as well as any cached data, are in memory, and since root can access
memory freely, you'll never be able to keep a secret from root. Of
course, this would take effort on root's part to build an image of the
mounted disk from the data as it passes through memory, but it is
still not "secure". I don't want to answer this as though I have an
authoritative answer though, since I haven't yet gotten a chance to fully
grok the capabilities system, which may allow you to do something like
this, but...
-Craig
On Thu, Feb 17, 2000 at 08:24:15PM -0500, Mike A. Harris wrote:
> Are there any patches for the kernel, or userland solutions which
> allow a user to mount an encrypted filesystem (perhaps through
> loopback) which while mounted, root cannot read? Or is this
> concept beyond Linux currently?
>
> I'm thinking of the case where the superuser can admin the
> machine but due to confidentiality, the data must not be readable
> by root under any circumstance. Possible?
-- Craig B. Agricola W: (802) 769-4636 Work Related Email: agricolc@btv.ibm.com Personal Email: cba@po.cwru.edu- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:22 EST