Date:      Mon, 5 Oct 2020 09:50:46 -0600
From:      Alan Somers <asomers@freebsd.org>
To:        Eric McCorkle <eric@metricspace.net>
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: Mounting encrypted ZFS datasets/GELI for users?
Message-ID:  <CAOtMX2jk9YzmKSQGaTAmwBgKK4AVW0%2B%2BbtJR6kxM%2Ba=NYjjjqg@mail.gmail.com>
In-Reply-To: <630f9133-4f67-92bd-41f9-fb04d985c159@metricspace.net>
References:  <8d467e98-237f-c6a2-72de-94c0195ec964@metricspace.net> <CAOtMX2hbt-2MBryLUJLU9CLgvZO29vNzMwtSrR1YXvknHFaGjA@mail.gmail.com> <630f9133-4f67-92bd-41f9-fb04d985c159@metricspace.net>

On Mon, Oct 5, 2020 at 9:40 AM Eric McCorkle <eric@metricspace.net> wrote:

> On 10/5/20 11:12 AM, Alan Somers wrote:
>
> > First of all, what kind of threat are you concerned with?  Disk
> > encryption does not protect against an attacker with access to a live
> > machine; it only protects against an attacker with access to an off
> > machine, or to the bare HDDs.  Per-user encryption would presumably
> > protect one user from another user who has physical access to the off
> > server.  Is that what you're worried about?  If not, then you shouldn't
> > bother with per-user encryption.  Just encrypt all of /home or all of
> > the pool with a single key.
> >
> > -Alan
>
> I am evaluating options for domains where use of per-user encryption is
> mandated, often as a means of protecting against insider threats.
>

But if the victim user and the aggressor user are logged in at the same
time, then both users' home directories will be decrypted, and unix
permissions will be the only thing protecting the victim, right?  That
situation doesn't sound any better than no encryption at all.  And insiders
who have offline access to the HDDs would be thwarted by global encryption
just as much as per-user encryption.  I'm not denying that you may be under
some legal mandate for per-user encryption; I just don't understand the
motivation.

OmniOS has a module that creates a new home directory ZFS dataset the first
time.  But the last time I looked at it, it didn't include any encryption.

-Alan


