Mr. Sudakar:

On 3/24/07 5:54 PM, "Alex Sudakar" <alex.sudakar@xxxxxxxxx> wrote:

> Hi. I've been a happy user of loop-aes for several years now. Sincerely,
> thanks for all the time that people (Jari and others) have put into the
> product. I haven't been able to understand *everything* that's been
> discussed here (!) but some of it, and the product itself works great.

Despite its lack of Windows support, it is a great product, but I had to
switch to something that provided Linux and Windows support, though that may
not be enough for me now.

>
> I've got a couple of general questions along the lines of encrypted
> filesystems, and then a followup regarding what's available for
> Solaris x86. I know this list is '*linux*-crypto', but some people might
> still be able to help on the latter topic anyway.
>
> I find myself in a situation of wanting to utilise applications and
> filesystems/data on a *shared* system in a work environment.
> On my home desktop I use loop-aes to encrypt all of my filesystems
> basically so, if the system is stolen, no-one will be able to read my
> private data.
>
> It seems evident, though, that on a shared system, with multiple
> people logged in as root on the same machine, any of those

With multiple people logged in as root, your system administrator should be
canned. The real way to circumvent this would be to use sudo, and restrict
what they can do with root privileges entirely. Why in g-d's name any system
administrator would have multiple people logged in that way is
incomprehensible, and downright irresponsible.

> root users will be able to snoop around and read as cleartext
> the files I might have on a 'private' filesystem, even if it's mounted

Using sudo, ACLs, and file permissions this should never be the case.

> via loop-aes, as the filesystem will be mounted at the time, and
> thus visible/decrypted for all.
>
> Are there products out there that perform filesystem decryption
> on a per-process basis?
> That allow a user to 'register' a set of
> process ids - maybe process group ids, or controlling terminals,
> etcetera - and decryption into cleartext only takes place for
> processes that are thus registered?
>
> Or would that be considered too dangerous ... if any root process,
> say, that wasn't thus registered, came along and looked at
> a mounted filesystem which was working on this basis, I guess
> the kernel would report the filesystem as 'corrupt' and possibly
> make some sort of correction, updating the filesystem outside
> the control of the cryptographic layer?
>
> Any other ideas for being able to work in privacy on a shared
> Unix system? Other than using applications which are explicitly
> written to provide same?
>
> And, my followup question ... if there are any such solutions, would
> they (also) work for Solaris x86? I'm pretty sure, for example, that
> loop-aes isn't ported to Solaris ... and in fact, even though 'vanilla'
> Linux seems to have had cryptographic hooks for the loopback
> device, going back years as far as I can recall, I haven't seen signs
> of anything like that for Solaris's 'lofiadm' command. My actual need
> right now is to set up some sort of shared-privacy solution for a
> Solaris x86 system, although I'm genuinely curious as to what might
> be possible in general for Unix/Linux systems as well.

One of the major reasons I switched from using loop-aes (an excellent piece
of software, mind you) to TrueCrypt is that while Loop-AES is open source, it
has no capability to run under Windows. Now, for those people that are of the
opinion that you just shouldn't use Windows (which I agree with), that is
quite unrealistic, at least being an IT consultant in the US anyway. For me,
the ultimate encryption product would use containers that were able to be
opened under Linux, under Windows, under Solaris, and under MacOS.
Now getting a product that is (at least) running Windows and Linux, you have
TrueCrypt, and since it is open source perhaps it will get ported to MacOS
and Solaris. I use a Mac for the most part now, and use FileVault on the Mac,
as it is a very easy task to create a FileVault DMG file, and then control
who has any access to it over the network. Although FileVault is "only
AES-128" (so it'll take 50M less years vice AES-256, big deal) it works quite
well.

>
> Any help or advice, in general or references to specific software,
> would be most appreciated.
>
> Thanks,
>
>
> Alex
>

--
Very Respectfully,

IT3 Stuart Blake Tener, USN
Beverly Hills, California
Amateur Radio Call Sign: N3GWG (Extra)

email: teners@xxxxxxxxxxx
phone: +(1) 310.358.0202 (Beverly Hills, CA)
phone: +(1) 215.338.6005 (Philadelphia, PA)
E-Fax: +(1) 915.773.0935 (Telecopier)

Military emails (checked monthly until remote NMCI access is secured)
NIPRNET: stuart.tener@xxxxxxxx / tenerstu@xxxxxxx
SIPRNET: NONE
TS/SCI: tenerstu@xxxxxxxxxx (GWAN)

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/