From: Pawel Jakub Dawidek
To: Dag-Erling Smørgrav
Cc: freebsd-security@freebsd.org, schultz@ime.usp.br
Date: Sun, 1 Apr 2012 23:04:18 +0200
Subject: Re: FreeBSD Security in Multiuser Environments
Message-ID: <20120401210418.GC1346@garage.freebsd.pl>
In-Reply-To: <86fwcnygys.fsf@ds4.des.no>

On Sun, Apr 01, 2012 at 10:49:31AM +0200, Dag-Erling Smørgrav wrote:
> schultz@ime.usp.br writes:
> > * Encrypted the whole (except /boot) system with geli(8)
> >   (HMAC/SHA256 and AES-XTS). It is not as nice and much slower
> >   than proper filesystem-level checksumming but it is what
> >   FreeBSD provides (ZFS is too unstable).
>
> ZFS is stable enough, but I'm a little confused: encryption is not
> "checksumming", and ZFS provides checksums but not encryption.

Also, on-disk encryption provides no additional protection against
system users. It protects the data when no keys are available (for
example when your turned-off laptop is stolen), and in a running system
keys are in memory and disks are decrypted, so users that are logged in
have access to decrypted content. To protect file system content from
system users one should use standard UNIX permissions and ACLs.

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl
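
Added example, not part of the original message: on a mounted (already decrypted) volume, the mode bits decide what other logged-in users can read, so this sketch lists the files reachable by "other". The function names and the sample tree are constructed for illustration; only mode bits are evaluated (ACLs are not), and the ancestors of the audited root are assumed to be traversable.

```python
import os
import stat
import tempfile

def exposed_to_other(root):
    """Paths under root readable by a user who is neither owner nor in the group."""
    exposed = []
    for dirpath, dirnames, filenames in os.walk(root):
        if not os.lstat(dirpath).st_mode & stat.S_IXOTH:
            # No search bit for "other": nothing below is reachable,
            # whatever the modes of the files inside say.
            dirnames[:] = []
            continue
        # Search bit without read bit (e.g. 0711) hides the listing only;
        # a file is still readable by anyone who knows its name.
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISREG(mode) and mode & stat.S_IROTH:
                exposed.append(os.path.relpath(path, root))
    return sorted(exposed)

def build_sample_tree():
    """Constructed sample tree standing in for a decrypted, mounted volume."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    layout = {  # relative path: (directory mode, file mode)
        "alice/notes.txt": (0o700, 0o644),  # private directory shields the file
        "bob/report.txt": (0o755, 0o644),   # readable by every local user
        "bob/key.pem": (0o755, 0o600),      # owner-only file in an open directory
        "drop/secret.txt": (0o711, 0o644),  # unlistable directory, readable file
    }
    for rel, (dir_mode, file_mode) in layout.items():
        directory = os.path.join(root, os.path.dirname(rel))
        os.makedirs(directory, exist_ok=True)
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, file_mode)
        os.chmod(directory, dir_mode)
    return root

if __name__ == "__main__":
    for rel in exposed_to_other(build_sample_tree()):
        print(rel)
```

The same tree on a geli(8)-encrypted provider would give the same result once attached and mounted; tightening the directory mode is what removes an entry from the list.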