Hello everybody,
looking at the frontpage of ecryptfs I see
Dynamic policy support (in plan)
Could somebody please elaborate a bit - I'm not sure what is meant here.
(Although that might be wishful thinking, as it's exactly the behaviour I'd
need :-) I'd read that as something like
- over-mount some directory, say /home/user.
- "old" files would be read and delivered in the clear
- newly created files *can* be created encrypted, based on some ordered
rules on the filename. Eg:
* every file named like "clear-*" would remain in the clear:
/home/user/clear-1
/home/user/b/secret/c/d/clear-2
* every file below *any* directory named "secret" gets encrypted with key1:
/home/user/secret/a
/home/user/b/secret/c/secret2/d/e
* every file below *any* directory named "secret2" gets encrypted with key2:
/home/user/secret2/a
/home/user/b/secret2/c/d/e
Is something like this feasible? Normally such policy gets solved in
userspace, so it might be some userspace-helper (like the one needed for
asymmetric key ops) making the decision.
Is that meant? Or what can I hope for?
Regards,
Phil
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
eCryptfs-users mailing list
eCryptfs-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
