Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!spool.mu.edu!agate!howland.reston.ans.net!gatech!psinntp!psinntp!psinntp!interramp.com!usenet From: myers@freebsd.interramp.com (David C. Myers) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Crytographic file system? Date: 2 Apr 1996 07:57:36 GMT Organization: PSI Public Usenet Link Lines: 27 Message-ID: <4jqmlg$h6r@usenet4.interramp.com> References: <4j2cmu$g9m@usenet6.interramp.com> <4jkrmp$i5c@soda.csua.berkeley.edu> NNTP-Posting-Host: ip239.san-francisco3.ca.interramp.com X-Newsreader: knews 0.9.3 In article <4jkrmp$i5c@soda.csua.berkeley.edu>, mconst@soda.CSUA.Berkeley.EDU (Michael Constant) writes: > >Question: does this really do what you want it to? I assume that >this is meant to help against an intruder who has root; since if the >intruder doesn't have root, regular filesystem permissions will keep >him out. But if the intruder does have root, he can grab your key >right out of memory when you mount the filesystem! (Not to mention >hacking mount to record your password...) No, this is not what I mean. I mean each disk block should be encrypted as it is written to the disk. That means even if some bad guy steals my computer and examines my disk sector by sector, he'd still have to deal with the fact that the data is encrypted (preferably by 128-bit ciphers, as in the Mac version I mentioned). Obviously, suitable precautions should be taken to ensure that the password is not preserved in virtual memory after the file system is unmounted. Think of it as on-the-fly encryption of data for an entire file system. -David.