From: Roland Smith
To: Marco
Date: Fri, 16 Jan 2009 18:53:18 +0100
Message-ID: <20090116175318.GA73625@slackbox.xs4all.nl>
In-Reply-To: <497092C6.7030905@web.de>
Cc: freebsd-questions@freebsd.org
Subject: Re: Runtime de/encryption

On Fri, Jan 16, 2009 at 02:59:34PM +0100, Marco wrote:
> Hello List,
>
> I'm using the geom framework for quite a time. I'm happy about
> gbde/geli implementations (beside the race condition in geli) however, I
> wonder since some time, as the data may get
> exposed on a running server (as the partitions decrypted)

On-disk encryption is not meant to secure access on a running
machine. File and directory contents are only decrypted in memory, not
on disk when you read them.

You should use normal file permissions and possibly ACLs to restrict
access to mounted filesystems.

There are of course data structures in the kernel that contain decrypted
information about the volume. But if an attacker can grab that info from
a running kernel you've got bigger problems...

> is there a way
> to do some kind of runtime de/encryption, with keys? so that only
> special users with the right handle can encrypt or decrypt data? so
> talking about another filesystem layer...

I don't think something like that can be easily done. You'd have to
alter the semantics of system calls like open(2) and read(2) to use
passwords.

Roland
--
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
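
The advice above, to rely on file permissions on the mounted (already decrypted) filesystem, can be checked mechanically. The following is an added example, not part of the original message: it reports regular files that users outside the owning user and group can reach through mode bits, skipping subtrees behind a directory they cannot traverse. The function names and the sample tree are constructed for illustration, and ACLs are not evaluated.

```python
import os
import stat
import tempfile

def exposed_to_others(root):
    """List (relative path, reason) for regular files under root that users
    outside the owning user and group can reach through mode bits alone."""
    findings = []
    if not os.lstat(root).st_mode & stat.S_IXOTH:
        return findings  # root blocks traversal, so nothing below is reachable
    for dirpath, dirnames, filenames in os.walk(root):
        # Prune subdirectories "other" cannot traverse; symlinks are skipped.
        dirnames[:] = [d for d in dirnames
                       if stat.S_ISDIR(os.lstat(os.path.join(dirpath, d)).st_mode)
                       and os.lstat(os.path.join(dirpath, d)).st_mode & stat.S_IXOTH]
        for name in filenames:
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            if not stat.S_ISREG(mode):
                continue
            rel = os.path.relpath(full, root)
            if mode & stat.S_IROTH:
                findings.append((rel, "world-readable"))
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
    return sorted(findings)

def build_sample(base):
    """Constructed tree standing in for a mounted, already decrypted volume."""
    layout = {"private/key.txt": (0o700, 0o644),    # shielded by its directory
              "shared/report.txt": (0o755, 0o644),  # readable by everyone
              "shared/notes.txt": (0o755, 0o600)}   # owner only
    for rel, (dir_mode, file_mode) in layout.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, file_mode)
        os.chmod(os.path.dirname(path), dir_mode)
    os.chmod(base, 0o755)
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for path, reason in exposed_to_others(build_sample(tmp)):
            print(f"{reason}: {path}")
```

On the sample tree only shared/report.txt is reported: private/key.txt has the same 0644 mode but sits behind a 0700 directory.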