Re: FreeBSD Security in Multiuser Environments



On Sun, Apr 01, 2012 at 10:49:31AM +0200, Dag-Erling Smørgrav wrote:
schultz@xxxxxxxxxx writes:
* Encrypted the whole (except /boot) system with geli(8)
(HMAC/SHA256 and AES-XTS). It is not as nice and much slower
than proper filesystem-level checksumming but it is what
FreeBSD provides (ZFS is too unstable).

ZFS is stable enough, but I'm a little confused: encryption is not
"checksumming", and ZFS provides checksums but not encryption.

Also, on-disk encryption provides no additional protection against
system users. It protects the data when no keys are available (for
example when your turned off laptop is stolen) and in running system
keys are in memory and disks are decrypted, so users that are logged in
have access to decrypted content. To protect file system content from
system users one should use standard UNIX permissions and ACLs.

--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://tupytaj.pl

Attachment: pgprJwfPlvtMt.pgp
Description: PGP signature



Relevant Pages

  • Re: FreeBSD Security in Multiuser Environments
    ... FreeBSD provides (ZFS is too unstable). ... "checksumming", and ZFS provides checksums but not encryption. ... I'm not sure what "made sudo setuid only to users in sudoers" means. ...
    (FreeBSD-Security)
  • Re: where is zfs metadata stored
    ... read corrupt files all day long like nothing is wrong. ... If there is no checksumming you don't know when the data ... According to multiple tests silent data corruption is ... Actually ZFS is already much more mature than VxVM/VxFS offering. ...
    (comp.unix.solaris)
  • Re: Getting FreeBSD 8.0-CURRENT?
    ... JYA wrote: ... on a 6 x SATA300 RAIDZ array:( ... # zfs get checksum ... checksumming has the potential to be rather CPU-intensive. ...
    (comp.unix.bsd.freebsd.misc)