Hi Richard,
As of now root[1] can access the plain-text when the data is cached
by the user-with-the-key and, root gets error no-key when data is
not cached by the user-with-the-key. I think this behavior is a
bug if not, wrong design, or looks like I am missing something.
[1] for that matter any user who has read access to the files but
does not have the keys.
Well, as soon the key is loaded plaintext of pages and filenames will be
stored in page- and dcache and any users that can access the files will
see the plaintext.
If you want to keep /secret really secret you have to apply correct DAC/MAC
permissions as well.
Or put /secret into a private mount namespace.
Right. Keeping the secret really secret wasn't the point I was trying to
make instead, irrespective of whether the plain-text is cached or
not-cached by the key-user, the behavior for the no-key-user access has
to be constant. More about it is in the email above.
Thanks,
-Anand
