Mounting an encrypted volume presents the volume to all users on a machine

nodata lsof at nodata.co.uk
Tue Oct 26 21:16:43 UTC 2010


On 26/10/10 22:24, Gregory Maxwell wrote:
> On Tue, Oct 26, 2010 at 4:10 PM, Bruno Wolff III <bruno at wolff.to> wrote:
>> This is where we should be going. Encryption is really irrelevant. The issue
>> should be if a removable device is inserted, who should have access to it
>> if it gets automounted. I would expect encrypted and unencrypted devices
>> to get the same treatment. The encrypted devices do already have a pop up,
>> so maybe that makes it not as much effort to ask a question when the device
>> is mounted. But I don't see otherwise why one would want to treat encrypted
>> and unencrypted removable devices differently.
>
> We don't know which of multiple users plugged the device in but we
> know which user provided the key to decrypt the device.
>
> The existence of encryption shows that the user may care more about
> the confidentiality of the data, and there is less of a previously
> existing "installed base" of expectations about how an encrypted
> volume works when you plug it in.

This is exactly it.

> If we wanted to get fancy (e.g. go beyond just a change in the default
> modes) additional users could authenticate themselves to an already
> mounted encrypted volume one at a time by providing the key.
>
> ::shrugs::
