Re: [RFD] Common userspace tool for fscypto
From: Eric Biggers
Date: Fri Dec 02 2016 - 19:40:50 EST
On Wed, Nov 30, 2016 at 09:27:28AM +0100, Richard Weinberger wrote:
>
> BTW: This limitations needs to be clearly documented somewhere.
> Usually an user thinks that only she can access encrypted files...
>
> Thanks,
> //richard
For what it's worth, I've been making a few updates to the public design
document for ext4 encryption based on what's actually upstream now:
https://docs.google.com/document/d/1ft26lUQyuSpiu6VleP70_npaWdRfXFoNnB8JYnykNTg
It still needs work, though. It doesn't really answer the questions about
access control and key revocation, for example, and of course now the upstream
code isn't actually ext4 specific anymore.
At some point it might be nice to write some in-tree documentation for fscrypto,
e.g. a file Documentation/filesystems/fscrypto.txt.
Eric