From: "Theodore Ts'o" <tytso@mit.edu>
To: "Matthew J. Fanto" <mattf@mattjf.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: The Ext3sj Filesystem
Date: Thu, 31 Oct 2002 23:41:53 -0500 [thread overview]
Message-ID: <20021101044153.GB12031@think.thunk.org> (raw)
In-Reply-To: <200210301434.17901.mattf@mattjf.com>
On Wed, Oct 30, 2002 at 02:34:17PM -0500, Matthew J. Fanto wrote:
>
> I am annoucing the development of the ext3sj filesystem. Ext3sj is a
> new encrypted filesystem based off ext3. Ext3sj is an improvement
> over the current loopback solution because we do not in fact require
> a loopback device. Encryption/decryption is transparent to the user,
> so the only thing they will need to know is their key, and how to
> mount a device.
Couple of points here.
First of all, have you considered trying to do this as a stacking
filesystem? Talk to the Intermezzo and Luster folks; they've gotten
quite good at stacking their value-added filesystem on top ext2/3.
This avoids code duplication, since now you don't have to track bug
fixes in the core ext2/3 code. It also enforces functional
separation, and should your filesystem smaller and easier to maintain.
It also means that you can potentially use your code to provide crypto
services to other filesystems besides just ext3.
Secondly, the really critical question is key management. What
happens if the user gets the key wrong? Will he/she know? Or will
they just get garbage if the read from the file, and be able to trash
the file if they write to the file with the incorrect key? Using some
kind of key-ID and some way of validating that the key is correct
before the user does start accessing files would probably be a really
good idea.
Finally, if you do want to allocate some additional fields in the ext2
inode, superblock, etc., please coordinate with me, so we can avoid
conflicts as much as possible. Thanks!!
- Ted
next prev parent reply other threads:[~2002-11-01 4:36 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-30 19:34 The Ext3sj Filesystem Matthew J. Fanto
2002-10-30 20:00 ` Andreas Dilger
2002-10-30 21:33 ` Matthew J. Fanto
2002-10-31 16:21 ` Henning P. Schmiedehausen
2002-11-01 1:32 ` Bill Davidsen
2002-10-30 20:28 ` Rik van Riel
2002-10-31 16:36 ` Nicholas Wourms
2002-10-30 20:56 ` Lars Marowsky-Bree
2002-10-30 21:20 ` Matthew J. Fanto
2002-10-30 21:34 ` Bill Davidsen
2002-10-30 21:40 ` Matthew J. Fanto
2002-11-01 4:41 ` Theodore Ts'o [this message]
2002-11-01 5:14 ` Matthew J. Fanto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20021101044153.GB12031@think.thunk.org \
--to=tytso@mit.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=mattf@mattjf.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox