Re: Userland encrypted filesystem that root cannot access.

From: Michael H. Warfield (mhw@wittsend.com)
Date: Sat Feb 19 2000 - 12:22:29 EST

Next message: Pete Clements: "pre2.3.47-6 breaks networking (3c509)"
Previous message: Jeff Garzik: "Re: TCP stuck (RH 2.2.12-20 <-> 2.2.13)"
In reply to: Mike A. Harris: "Re: Userland encrypted filesystem that root cannot access."
Next in thread: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Feb 19, 2000 at 01:19:15AM -0500, Mike A. Harris wrote:
> On Fri, 18 Feb 2000, Horst von Brand wrote:

> >Date: Fri, 18 Feb 2000 20:15:40 -0300
> >From: Horst von Brand <vonbrand@sleipnir.valparaiso.cl>
> >To: mharris@meteng.on.ca
> >Cc: Linux Kernel mailing list <linux-kernel@vger.rutgers.edu>
> >Subject: Re: Userland encrypted filesystem that root cannot access.

> >"Mike A. Harris" <mharris@meteng.on.ca> said:
> >> Are there any patches for the kernel, or userland solutions which
> >> allow a user to mount an encrypted filesystem (perhaps through
> >> loopback) which while mounted, root cannot read? Or is this
> >> concept beyond Linux currently?

> >> I'm thinking of the case where the superuser can admin the
> >> machine but due to confidentiality, the data must not be readable
> >> by root under any circumstance. Possible?

> >A determined root will be able to snoop on your password and stash the
> >contents of your encrypted media away for leisurly study. Not easy to do,
> >but not terribly hard either.

> Thanks, I'm aware of that, however that would be acceptable.
> The particular case I'm thinking about, root is for all intents
> and purposes a bucket of chicken. ;o) Certainly not capable of
> hacking anything... A *TRUE* secure solution would be nice, but
> a "stop luser root" solution would be fine...

In that case, even CFS would work. If a normal user mounts his
encrypted directory, even root can't read it without hacking the CFS binary
or pawing through kmem. Matt Blaze mentions some of this in his
documentation on CFS that you can't stop a determined root user but
a root user would still have to hack into it. It won't happen by browsing
or by accident.

> Thanks.
> TTYL

> --
> Mike A. Harris Linux advocate
> Computer Consultant GNU advocate
> Capslock Consulting Open Source advocate

> Join the FreeMWare project - the goal to produce a FREE program in
> which you can run Windows 95/98/NT, and other operating systems.

> http://www.freemware.org

Mike

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pete Clements: "pre2.3.47-6 breaks networking (3c509)"
Previous message: Jeff Garzik: "Re: TCP stuck (RH 2.2.12-20 <-> 2.2.13)"
In reply to: Mike A. Harris: "Re: Userland encrypted filesystem that root cannot access."
Next in thread: Grendel: "Re: Userland encrypted filesystem that root cannot access."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:23 EST