*BSD News Article 64509


Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!news.ecn.uoknor.edu!qns3.qns.com!imci4!newsfeed.internetmci.com!info.ucla.edu!agate!not-for-mail
From: mconst@soda.CSUA.Berkeley.EDU (Michael Constant)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Crytographic file system?
Date: 30 Mar 1996 18:46:49 -0800
Organization: Society for the Prevention of Cruelty to Vegetables, UC Berkeley
Lines: 23
Message-ID: <4jkrmp$i5c@soda.CSUA.Berkeley.EDU>
References: <4j2cmu$g9m@usenet6.interramp.com>
NNTP-Posting-Host: soda.csua.berkeley.edu

David C. Myers <myers@freebsd.interramp.com> wrote:
>Are there any implementations of a cryptographic file system 
>for FreeBSD?  Ideally, I'd like to have one that allows you 
>to mount a partition by giving a password.  Then, every block
>of data written to or read from the partition will be encrypted 
>on the fly using the password.  Once finished with the partition, 
>you unmount it, forcing any intruder to guess your password or
>try a brute force attack.

Question: does this really do what you want it to?  I assume that
this is meant to help against an intruder who has root; since if the
intruder doesn't have root, regular filesystem permissions will keep
him out.  But if the intruder does have root, he can grab your key
right out of memory when you mount the filesystem!  (Not to mention
hacking mount to record your password...)

This works much better on the Mac, for two reasons: it is a single-
user system, so it's much harder for someone else to monitor your
password as you type it in; and source is not readily available, so
it's harder for someone else to replace your partition-mount utility
with a fake.  Not that it isn't possible... :-)
--
            Michael Constant (mconst@soda.csua.berkeley.edu)