On Sun, 06 Apr 2003 21:14:36 EDT, Pierre Abbat [EMAIL PROTECTED] said:
The tape monkey might could overwrite an encrypted file on disk with random
gibberish.
The problem we started discussing was that a backup system needs *read*
access to something isomorphic(*) to your data in order to
On Friday 04 April 2003 09:01, [EMAIL PROTECTED] wrote:
On Thu, 03 Apr 2003 18:22:11 EST, Pierre Abbat [EMAIL PROTECTED] said:
What's LSM? This sounds like it can do what I want with rsync. Is it
possible
to add a new key token to init and have it propagate to all processes?
If that's
On Fri, 04 Apr 2003 09:30:29 EST, Pierre Abbat [EMAIL PROTECTED] said:
But I'd also like to be able to have several encrypted directories on one
partition, with different keys, such that when I give the key any process
with the right UID can access them. I might have a cron job that needs
On Friday 04 April 2003 09:47, [EMAIL PROTECTED] wrote:
Properly applied, you can even leverage it further - for instance, if your
backup process doesn't have the key tokens, you can safely let it have
access to all the files - it can read the 127 meg of data to back it up in
a bitwise manner,
[EMAIL PROTECTED] wrote:
On Fri, 04 Apr 2003 09:30:29 EST, Pierre Abbat [EMAIL PROTECTED] said:
But I'd also like to be able to have several encrypted directories on one
partition, with different keys, such that when I give the key any process
with the right UID can access them. I
Pierre Abbat wrote:
On Friday 04 April 2003 09:47, [EMAIL PROTECTED] wrote:
Properly applied, you can even leverage it further - for instance, if your
backup process doesn't have the key tokens, you can safely let it have
access to all the files - it can read the 127 meg of data to back
On Fri, 04 Apr 2003 20:36:49 +0400, Edward Shushkin said:
Pierre Abbat wrote:
On Friday 04 April 2003 09:47, [EMAIL PROTECTED] wrote:
If a process that has no key tokens attempts to read an encrypted file with
the ordinary syscalls, does it get an error or the ciphertext?
Error.
Edward Shushkin wrote:
[EMAIL PROTECTED] wrote:
On Fri, 04 Apr 2003 09:30:29 EST, Pierre Abbat [EMAIL PROTECTED] said:
But I'd also like to be able to have several encrypted directories on one
partition, with different keys, such that when I give the key any process
with the right UID
Hans Reiser wrote:
Edward Shushkin wrote:
[EMAIL PROTECTED] wrote:
On Fri, 04 Apr 2003 09:30:29 EST, Pierre Abbat [EMAIL PROTECTED] said:
But I'd also like to be able to have several encrypted directories on one
partition, with different keys, such that when I give the key any
Edward Shushkin wrote:
Hans Reiser wrote:
Edward Shushkin wrote:
[EMAIL PROTECTED] wrote:
On Fri, 04 Apr 2003 09:30:29 EST, Pierre Abbat [EMAIL PROTECTED] said:
But I'd also like to be able to have several encrypted directories on one
partition, with different keys,
On Friday 04 April 2003 13:45, Hans Reiser wrote:
Edward Shushkin wrote:
On the
other hand, on the last seminar we made a conclusion to check key
validness in oredr to avoid a possible security hole when read() first
looks for uptodate (decrypted!) pages in memory before reading encrypted
Hendrik Visage wrote:
On Mon, Mar 31, 2003 at 05:58:04PM +0400, Edward Shushkin wrote:
I didn't invent something new..
I don't understand what should withstand scrutiny from crypto gurus.. md5? SHA?
The keying implementation as proposed.
I agree, but keying implementation is not ready,
Edward Shushkin wrote:
Hendrik Visage wrote:
On Mon, Mar 31, 2003 at 05:58:04PM +0400, Edward Shushkin wrote:
I didn't invent something new..
I don't understand what should withstand scrutiny from crypto gurus.. md5? SHA?
The keying implementation as proposed.
I agree, but
My policy is that user hassle should be minimal, and we should try to
select at least one default key management set of utilities to integrate
well with and test with.
Are you sure we should not get keys from the environment? Is there too
much performance cost?
It would be best if people
Anders Widman wrote:
My policy is that user hassle should be minimal, and we should try to
select at least one default key management set of utilities to integrate
well with and test with.
Are you sure we should not get keys from the environment? Is there too
much performance cost?
On Tuesday 01 April 2003 11:21, Hans Reiser wrote:
I think it is essential to the task that apps not be aware of keys.
Indeed. The reiser4-specific syscall should insert or delete a key into the
database; to open a file you use the generic open() syscall, which passes the
filename to reiser4,
Pierre Abbat wrote:
On Tuesday 01 April 2003 11:21, Hans Reiser wrote:
I think it is essential to the task that apps not be aware of keys.
Indeed. The reiser4-specific syscall should insert or delete a key into the
database;
why?
to open a file you use the generic open() syscall, which
On Sunday 30 March 2003 05:12, Hendrik Visage wrote:
In this whole discussion I'm still missing some references to research
papers on this technique, as it still sounds to me like security by
obscurity.
I didn't find this in research papers. I thought of it in the bathtub. The
credential
18 matches
Mail list logo
