It's true (partially) that the administrator has access to all secrets stored on the server. However the administrator does not _know_ a users password or samba password. He can of course change those passwords. This however would be noticed by the user who's password has been changed and data encrypted with the users former password would still not decrypt (with the new password) to some meaningful data, right?
If this is correct my requirements would be fulfilled. I do not know at all how things are running within samba but fact is, that any user authenticates himself when connecting to a server share from his client. Wouldn't this be the method to tell a VFS module to do encryption/decryption with the user's password? As I already stated, I am aware that things are not that simple but the principle should remain. My PDC is setup to present the user a network drive H: that holds his home directory; this is great and very simple to configure with samba. Why not present the user, say network drive Q:, showing the decrypted contents of a file stored on the server that is encrypted with the users password? The user wouldn't 'see' any difference between accessing files on H: or Q:. This would provide a truly transparent access to encrypted data. ------------------------- Felix Andrew Bartlett wrote: AB> We run into issues such as 'how do you key the crypto'. The AB> administrator has access to any secrets stored on the server, so how AB> would Samba decrypt the data, but the administrator not? AB> Without protocol modifications, or some extra client-side tool, this AB> becomes quite a challenge. And then the administrator could still AB> subvert the whole thing. AB> A slightly easier goal would be to protect files on a stolen hard disk AB> (ie trust the admin, but not always the person with the server), but I AB> still don't see how to do it without protocol modifications. AB> Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
