Jon Stewart on 19 Nov 2003 05:47:29 -0000

Re: [hosers-talk] script-fu for trash

> There already is at least one encrypted file system that Linux can handle,
> though I don't remember the name of it right now.

A quick google reveals that the "standard" way to do it is the loopback 
encryption filesystem. You have a regular filesystem which contains an 
encrypted file which is mounted over loopback.

SecurityFocus says it's vulnerable to a replay attack, though no exploits 
are known and this would be difficult; nonetheless, it's a design flaw. 

I'm not particularly crazy about the idea because it seems like a really 
lazy way to support an encrypted fs. You've gotta' be taking a pretty 
decent performance hit. OTOH, it does sound simple enough to be reliable.

And, man, I am lazy...

Jon Stewart                                 Advanced Los Angeles C++
hosers-talk mailing list