Date:      Fri, 16 Jan 2009 18:53:18 +0100
From:      Roland Smith <>
To:        Marco <>
Subject:   Re: Runtime de/encryption

On Fri, Jan 16, 2009 at 02:59:34PM +0100, Marco wrote:
> Hello List,
> I'm using the geom framework for quite a time. I'm happy about
> gbde/geli implementations (beside the race condition in geli); however, I
> wonder since some time, as the data may get
> exposed on a running server (as the partitions decrypted)

On-disk encryption is not meant to secure access on a running machine.

File and directory contents are only decrypted in memory, not on disk
when you read them. You should use normal file permissions and possibly
ACLs to restrict access to mounted filesystems.

There are of course data structures in the kernel that contain decrypted
information about the volume. But if an attacker can grab that info from
a running kernel you've got bigger problems...

> Is there a way
> to do some kind of runtime de/encryption, with keys? So that only
> special users with the right handle can encrypt or decrypt data? So
> talking about another filesystem layer...

I don't think something like that can be easily done. You'd
have to alter the semantics of system calls like open(2) and read(2) to use

[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
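
The reply's point that a mounted encrypted volume is guarded only by file permissions can be checked with a short audit of the mount point. This is an added example, not part of the original e-mail: the function names and the sample tree are constructed for illustration, and it evaluates classic mode bits only, not ACLs.

```python
import os
import stat
import tempfile


def world_reachable(mount_point):
    """Return regular files under mount_point that any local user can read.

    A file counts only if it is o+r and every directory from mount_point
    down to it is o+x, because a 0700 parent hides everything beneath it.
    Assumptions: classic mode bits only (ACLs are not evaluated), and the
    path leading up to mount_point is itself traversable.
    """
    if not os.lstat(mount_point).st_mode & stat.S_IXOTH:
        return []  # the mount point itself blocks other users
    findings = []
    for root, dirs, files in os.walk(mount_point):
        # Prune subtrees that other users cannot search into.
        dirs[:] = [d for d in dirs
                   if os.lstat(os.path.join(root, d)).st_mode & stat.S_IXOTH]
        for name in files:
            path = os.path.join(root, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISREG(mode) and mode & stat.S_IROTH:
                findings.append(path)
    return sorted(findings)


def build_sample_tree():
    """Constructed sample tree standing in for a mounted, decrypted volume."""
    base = tempfile.mkdtemp(prefix="mounted_volume_")
    os.chmod(base, 0o755)
    layout = {  # relative path: (directory mode, file mode)
        "public/readme.txt": (0o755, 0o644),
        "public/key.pem": (0o755, 0o600),
        "private/payroll.csv": (0o700, 0o644),
    }
    for rel, (dir_mode, file_mode) in layout.items():
        directory = os.path.join(base, os.path.dirname(rel))
        os.makedirs(directory, exist_ok=True)
        os.chmod(directory, dir_mode)
        path = os.path.join(base, rel)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, file_mode)
    return base


if __name__ == "__main__":
    for exposed in world_reachable(build_sample_tree()):
        print(exposed)
```

In the sample tree only `public/readme.txt` is reported: `key.pem` is mode 0600, and `payroll.csv` is world-readable by mode but sits behind a 0700 directory.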
