lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20161203004040.GB3508@google.com>
Date:   Fri, 2 Dec 2016 16:40:40 -0800
From:   Eric Biggers <ebiggers@...gle.com>
To:     Richard Weinberger <richard@....at>
Cc:     Joe Richey <joerichey@...gle.com>,
        Michael Halcrow <mhalcrow@...gle.com>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>, kzak@...hat.com,
        Theodore Ts'o <tytso@....edu>,
        Jaegeuk Kim <jaegeuk@...nel.org>,
        David Gstir <david@...ma-star.at>,
        Ext4 Developers List <linux-ext4@...r.kernel.org>,
        linux-f2fs-devel@...ts.sourceforge.net,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [RFD] Common userspace tool for fscypto

On Wed, Nov 30, 2016 at 09:27:28AM +0100, Richard Weinberger wrote:
> 
> BTW: This limitations needs to be clearly documented somewhere.
> Usually an user thinks that only she can access encrypted files...
> 
> Thanks,
> //richard

For what it's worth, I've been making a few updates to the public design
document for ext4 encryption based on what's actually upstream now:

https://docs.google.com/document/d/1ft26lUQyuSpiu6VleP70_npaWdRfXFoNnB8JYnykNTg

It still needs work, though.  It doesn't really answer the questions about
access control and key revocation, for example, and of course now the upstream
code isn't actually ext4 specific anymore.

At some point it might be nice to write some in-tree documentation for fscrypto,
e.g. a file Documentation/filesystems/fscrypto.txt.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ