On Tue, 4 March 2003 13:30:20 +0400, Vlad Harchev wrote:
>
> Sorry for confusion - I meant loopback-based crypto filesystem - e.g. loop-aes
> based (loop-aes.sourceforge.net) or CryptoAPI-based (www.kerneli.org) - both
> are loopback-based filesystem (one has to call losetup(8) to point out chipher,
> a password..)
Loopback with encryption is not the same as a crypto filesystem.
Loopback encryption works transparently with any (non-)crypto fs.
A potential attacker can use this to look for the ext2 superblock,
which gives him the same data both encrypted an unencrypted. A real
cryptofs would go through great pains to take such advantages away.
Jörn
-- Invincibility is in oneself, vulnerability is in the opponent. -- Sun Tzu - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 07 2003 - 22:00:24 EST