On 24/11/08 22:40 +0100, Lupe Christoph wrote:
On Monday, 2008-11-24 at 16:12:56 +0100, Manuel Gomez wrote:Hi, i would like to maintain encrypt an archive in all moment, so i would like to know what software can be this.Now i am using Truecrypt, but when i mount the encrypted directory it's vulnerable. I want to mount the file and that the file can remains encrypt.Whenever you are able to read a file, it has to exist in unencrypted form. Let's say you have an editor or viewer that has builtin-in decryption. It will read the encrypted file, and decrypt it. to be able to work on it, the program has to keep the decrypted form. It also has to send it to some device for you to be able to work on it. The decrypted form will be readable from /dev/mem or /proc/<pid>/mem. by the superuser and (procfs only) your user. It will also be possible for at least the superuser to intercept what is going to the device. There is nothing you can do to prevent these kinds of attacks.
You could use SELinux to prevent these kind ofattacks.
So, storing your files in an encrypted filesystem with permissions set so that only your user (and the superuser) can read the files is no less secure than storing the files individually encrypted.
This depends on the attack vector. Using partition level encryption protects you from giving away your filenames and (to some degree) your atime, mtime and filesize when the partition is not mounted. regards, Rolf -- ... Expediency asks the question, 'Is it politic?' ...
Attachment:
signature.asc
Description: Digital signature