Re: Userland encrypted filesystem that root cannot access.

From: H. Peter Anvin (hpa@transmeta.com)
Date: Mon Feb 21 2000 - 03:00:14 EST

Next message: Brad Campbell: "Re: es1371 in 2.3.47-pre3 help! I'm lost!"
Previous message: Ricky Beam: "Re: Question about kernel log buffer size"
In reply to: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Next in thread: Glenn McGrath: "Re: Userland encrypted filesystem that root cannot access."
Reply: Glenn McGrath: "Re: Userland encrypted filesystem that root cannot access."
Reply: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Grendel wrote:
> >
> > While mounted? No. Root has access to the entire machine and
> Why not? Just never decrypt data on fs read. Feed the client with encrypted
> data and leave it to them to decrypt it.
>

Then it's not an encrypted **FILESYSTEM**. Application level encryption
is a whole other matter. Even so, root can intercept the client process
and read the data out of its memory.

-hpa

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Brad Campbell: "Re: es1371 in 2.3.47-pre3 help! I'm lost!"
Previous message: Ricky Beam: "Re: Question about kernel log buffer size"
In reply to: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Next in thread: Glenn McGrath: "Re: Userland encrypted filesystem that root cannot access."
Reply: Glenn McGrath: "Re: Userland encrypted filesystem that root cannot access."
Reply: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:26 EST