Re: [PATCH 0/5] eCryptfs: Filename Encryption

From: Dave Kleikamp
Date: Thu Nov 06 2008 - 15:53:22 EST


On Thu, 2008-11-06 at 14:27 -0600, mhalcrow@xxxxxxxxxxxxxxxxxx wrote:
> On Wed, Nov 05, 2008 at 04:57:54PM +0100, Pavel Machek wrote:
> > On Tue 2008-11-04 15:37:54, Michael Halcrow wrote:
> > > This patchset implements filename encryption via a
> > > passphrase-derived mount-wide Filename Encryption Key (FNEK)
> > > specified as a mount parameter. Each encrypted filename has a
> > > fixed prefix indicating that eCryptfs should try to decrypt the
> > > filename. When eCryptfs encounters
> >
> > That is 'interesting'. What happens if normal filename has that
> > prefix?
>
> If the lower filename has the prefix but does not have a valid tag 70
> packet following the prefix, then eCryptfs will complain in the syslog
> and then pass through the lower filename as-is.

I'd recommend hiding this kind of syslog verbosity behind a debug config
option. I think it would be very easy to create a DOS attack against
ecryptfs by putting all sorts of clever things in the lower file system.
--
David Kleikamp
IBM Linux Technology Center

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/