From owner-freebsd-security@FreeBSD.ORG  Fri Oct 22 12:33:10 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9BBB216A4CE
	for <freebsd-security@freebsd.org>;
	Fri, 22 Oct 2004 12:33:10 +0000 (GMT)
Received: from male.aldigital.co.uk (male.aldigital.co.uk [213.129.64.13])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1996F43D31
	for <freebsd-security@freebsd.org>;
	Fri, 22 Oct 2004 12:33:10 +0000 (GMT)
	(envelope-from adam.laurie@thebunker.net)
Received: from [192.168.111.69] (host217-35-79-251.in-addr.btopenworld.com
	[217.35.79.251])	(using TLSv1 with cipher RC4-MD5 (128/128 bits))
	(No client certificate requested)
	by male.aldigital.co.uk (Postfix) with ESMTP
	id 9740C97748; Fri, 22 Oct 2004 13:33:07 +0100 (BST)
Message-ID: <4178FE02.9040103@thebunker.net>
Date: Fri, 22 Oct 2004 13:33:06 +0100
From: Adam Laurie <adam.laurie@thebunker.net>
User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040916)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Yan Wang <ywang4@cs.pitt.edu>
References: <Pine.LNX.4.44.0410181139240.9443-100000@selenium.cs.pitt.edu>
In-Reply-To: <Pine.LNX.4.44.0410181139240.9443-100000@selenium.cs.pitt.edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Fri, 22 Oct 2004 12:33:59 +0000
cc: freebsd-security@freebsd.org
cc: richard childers / kg6hac <fscked@pacbell.net>
Subject: Re: transparent cfs (tcfs)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Oct 2004 12:33:10 -0000

Yan Wang wrote:
> Richard,
> 
> Thank you for your information.
> 
> I got the response of TCFS authors, a group at University of Salerno, Italy,
> saying they have stopped the project. My impression is that it is pretty
> tough to port from OpenBSD to FreeBSD. The kernel part is very different.
> No wonder tcfs is not available at FreeBSD.org.
> 
> Interestingly, I also got a response from OpenBSD community. They also
> stopped the project to include tcfs into OpenBSD, because the software
> license problem. tcfs was not intended to be free.
> 
> As far as I know, AT&T's CFS is based on the work of Matt Blaze. What I
> heard is that it is implemented at the user space, only supporting
> directory encryption not file-level. Richard, is this true? I might
> reconsider using CFS.

CFS maps an encrypted directory tree, so everything in it including 
files and sub-directories gets encrypted. i've been using it, without 
problems, for several years, and would have no hesitation in 
recommending it.

cheers,
Adam
-- 
Adam Laurie                         Tel: +44 (20) 7605 7000
The Bunker Secure Hosting Ltd.      Fax: +44 (20) 7605 7099
Shepherds Building                  http://www.thebunker.net
Rockley Road
London W14 0DA                      mailto:adam@thebunker.net
UNITED KINGDOM                      PGP key on keyservers