Re: [PATCH 0/3] eCryptfs: Support metadata in xattr

From: Andrew Morton
Date: Tue Jan 09 2007 - 17:35:39 EST


On Tue, 9 Jan 2007 16:21:07 -0600
Michael Halcrow <mhalcrow@xxxxxxxxxx> wrote:

> This patch set introduces the ability to store cryptographic metadata
> into an lower file extended attribute rather than the lower file
> header region.
>
> This patch set implements two new mount options:
>
> ecryptfs_xattr_metadata
> - When set, newly created files will have their cryptographic
> metadata stored in the extended attribute region of the file rather
> than the header.

Why is this useful?

> ecryptfs_encrypted_view
> - When set, this option causes eCryptfs to present applications a
> view of encrypted files as if the cryptographic metadata were
> stored in the file header, whether the metadata is actually stored
> in the header or in the extended attributes.

Sounds kludgy. "This mode of operation is useful for applications like
incremental backup utilities that do not preserve the extended attributes
when directly accessing the lower files.". Wouldn't it be better to lean
on people to use better backup tools, and to fix existing ones?


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/