Hi. I've been a happy user of loop-aes for several years now. Sincerely,
thanks for all the time that people (Jari and others) have put into the
product. I haven't been able to understand *everything* that's been
discussed here (!) but some of it, and the product itself works great.

I've got a couple of general questions along the lines of encrypted
filesystems, and then a followup regarding what's available for
Solaris x86. I know this list is '*linux*-crypto', but some people might
still be able to help on the latter topic anyway.

I find myself in a situation of wanting to utilise applications and
filesystems/data on a *shared* system in a work environment.

On my home desktop I use loop-aes to encrypt all of my filesystems
basically so, if the system is stolen, no-one will be able to read my
private data.

It seems evident, though, that on a shared system, with multiple
people logged in as root on the same machine, any of those
root users will be able to snoop around and read as cleartext
the files I might have on a 'private' filesystem, even if it's mounted
via loop-aes, as the filesystem will be mounted at the time, and
thus visible/decrypted for all.

Are there products out there that perform filesystem decryption
on a per-process basis? That allow a user to 'register' a set of
process ids - maybe process group ids, or controlling terminals,
etcetera - and decryption into cleartext only takes place for
processes that are thus registered?

Or would that be considered too dangerous ... if any root process,
say, that wasn't thus registered, came along and looked at
a mounted filesystem which was working on this basis, I guess
the kernel would report the filesystem as 'corrupt' and possibly
make some sort of correction, updating the filesystem outside
the control of the cryptographic layer?

Any other ideas for being able to work in privacy on a shared
Unix system? Other than using applications which are explicitly
written to provide same?

And, my followup question ... if there are any such solutions, would
they (also) work for Solaris x86? I'm pretty sure, for example, that
loop-aes isn't ported to Solaris ... and in fact, even though 'vanilla'
Linux seems to have had cryptographic hooks for the loopback
device, going back years as far as I can recall, I haven't seen signs
of anything like that for Solaris's 'lofiadm' command. My actual need
right now is to set up some sort of shared-privacy solution for a
Solaris x86 system, although I'm genuinely curious as to what might
be possible in general for Unix/Linux systems as well.

Any help or advice, in general or references to specific software,
would be most appreciated.

Thanks,
Alex