Re: Userland encrypted filesystem that root cannot access.

• Next message: Rick Hohensee: "un-broke in 2.2"
• Previous message: Brian Gerst: "[PATCH] 2.3.47-pre6 fs/Config.in broken for xconfig"
• In reply to: Craig B Agricola: "Re: Userland encrypted filesystem that root cannot access."
• Next in thread: Rafal Maszkowski: "Re: Userland encrypted filesystem that root cannot access."
• Reply: Rafal Maszkowski: "Re: Userland encrypted filesystem that root cannot access."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 18 Feb 2000, Craig B Agricola wrote:

>Date: Fri, 18 Feb 2000 09:32:00 -0500
>From: Craig B Agricola <agricolc@btv.ibm.com>
>To: mharris@meteng.on.ca,
     Linux Kernel mailing list <linux-kernel@vger.rutgers.edu>
>Subject: Re: Userland encrypted filesystem that root cannot access.
>
>Mike,
> The general answer to this, at least from the perspective of a
>paranoid user, is that it is not possible in a UNIX environment to
>achieve this. Since a the data structures for the mounted filesystem,
>as well as any cached data, are in memory, and since root can access
>memory freely, you'll never be able to keep a secret from root. Of
>course, this would take effort on root's part to build an image of the
>mounted disk from the data as it passes through memory, but it is
>still not "secure". I don't want to answer this as though I have an
>authoritative answer though, since I haven't yet gotten a chance to fully
>grok the capabilities system, which may allow you to do something like
>this, but...

Well, I definitely expected that such would be the case at least
currently. What I really wanted to know was wether it is
possible to have an encrypted fs, that when a user logs in and
mounts it, if while mounted, root goes: cd path_to_encryptedfs

The data is not readable. Root may be able to hunt around in
kmem, or whatever, but the likelyhood of it is slim for the idea
that I'm interested in. 100% security isn't necessary, more of a
"obscure" the dumb root user from looking at user's private
files. Not obscure the smart root user who can read kmem, and
wants to spend the time to do so... ;o)

--
Mike A. Harris                                     Linux advocate     
Computer Consultant                                  GNU advocate  
Capslock Consulting                          Open Source advocate
Join the FreeMWare project - the goal to produce a FREE program in
which you can run Windows 95/98/NT, and other operating systems.
                    http://www.freemware.org
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Rick Hohensee: "un-broke in 2.2"
• Previous message: Brian Gerst: "[PATCH] 2.3.47-pre6 fs/Config.in broken for xconfig"
• In reply to: Craig B Agricola: "Re: Userland encrypted filesystem that root cannot access."
• Next in thread: Rafal Maszkowski: "Re: Userland encrypted filesystem that root cannot access."
• Reply: Rafal Maszkowski: "Re: Userland encrypted filesystem that root cannot access."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:23 EST