Mounting an encrypted volume presents the volume to all users on a machine

Bruno Wolff III bruno at wolff.to
Tue Oct 26 15:48:50 UTC 2010


On Tue, Oct 26, 2010 at 16:56:41 +0200,
  nodata <lsof at nodata.co.uk> wrote:
> On 26/10/10 16:00, Bruno Wolff III wrote:
> > On Tue, Oct 26, 2010 at 12:07:56 +0200,
> >    nodata<lsof at nodata.co.uk>  wrote:
> >>
> >> Now imagine if you could read all of _my_ files and I could read all of
> >> yours. That makes no sense. You _can_ configure that if you want, but by
> >> default we go for security.
> >
> > Once upon a time that was the default for systems.
> >
> >> This is the same. You connect your encrypted hard disk to the system and
> >> you can look at the files on it because you know the passphrase.
> >
> > That is muddy thinking. The OS needs the password, you can't directly look
> > at the disk using the password in your head. The OS needs to manage access
> > to the encrypted device.
> 
> I don't really understand what you're trying to say here.
> 
> A person who knows the passphrase and nobody else (apart from super 
> users, the kernel, etc) should be the only one who can access the 
> unencrypted device.

How do you expect this to happen? The user is going to supply the password
to the OS and it is going to access the volume. At that point the OS is
protecting the data from unauthorized use by other users, not a password.
So you need to use normal OS controls on this.

The feature you seem to be looking for is that when an encrypted device
is mounted, that there be different defaults than when automounting
unencrypted devices. That might be reasonable (depending on what the
defaults are).

If the device has an ext* file system on it, normal uid usage should be good
enough if you just use it on one system or across a set where you have the
same uid.

You can also use /etc/fstab to automatically control how the device is
mounted.
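As an added illustration of the two controls named above (fstab mount options and ordinary uid permissions on an ext4 volume once it is unlocked), here is an example script that is not part of the original thread. The mapper device name, mount points and uid 1000 are constructed stand-ins, and the fstab lines are a sample embedded in the script rather than read from the system.

```shell
#!/bin/sh
# Added example, not from the original thread. Once an encrypted volume is
# unlocked, the OS (not the passphrase) gates access, so what matters is the
# fstab entry's mount options and the owner/mode of the filesystem root.
# Assumed names: mapper device "secretvol", mount point /mnt/secret, uid 1000.

# Constructed sample /etc/fstab lines for unlocked volumes. "noauto" keeps the
# entry off the boot path; nosuid/nodev stop setuid binaries and device nodes
# on removable media from being honoured. "defaults" alone permits both.
FSTAB_SAMPLE='
/dev/mapper/secretvol  /mnt/secret  ext4  noauto,nosuid,nodev  0 2
/dev/mapper/othervol   /mnt/other   ext4  defaults             0 2
'

# Print the mount point of every /dev/mapper entry in the given fstab text
# that lacks nosuid or nodev. Returns 0 when no such entry exists, 1 otherwise.
weak_mapper_entries() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^\/dev\/mapper\// {
            n = split($4, o, ",")
            has_nosuid = 0; has_nodev = 0
            for (i = 1; i <= n; i++) {
                if (o[i] == "nosuid") has_nosuid = 1
                if (o[i] == "nodev")  has_nodev  = 1
            }
            if (!has_nosuid || !has_nodev) { print $2; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }'
}

# After the first mount (run as root), give the ext4 root directory to the
# user and close it to everyone else, so normal uid checks do the rest:
#   mount /mnt/secret && chown 1000:1000 /mnt/secret && chmod 0700 /mnt/secret
weak_mapper_entries "$FSTAB_SAMPLE" || echo "review the entries listed above"
```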
