From: Valient G. <vg...@po...> - 2005-06-13 10:03:04
|
So can I correctly characterize the data flow in the test setup as: local server FS -> encfs -> FUSE -> NFS server=20 -> NFS client -> cp -> local client FS Or is encfs being run on top of another type of filesystem (like an NFS=20 mount)? On Sunday 12 June 2005 22:36, Matthias Rieber wrote: > > the resulting encfs filesystem (plaintext data)? Or are you having nfs > > export enciphered data and then running encfs on the remote system to > > decipher the data? > > no. Maybe I should try that, but I'm a bit afraid of file locking problems > and damaging the encrypted files. =46rom a security standpoint, it is usually better to have the client handl= e the=20 encryption, rather then the server.. If there is a problem with the interaction between NFS and FUSE, then this = may=20 avoid that problem. If you export the encrypted data through NFS, then=20 you're just exporting a normal filesystem, so no NFS <-> FUSE interaction o= n=20 the server. =20 The data flow would then look like: local server FS -> NFS server=20 -> NFS client -> encfs -> FUSE -> cp -> local clientFS =09 Of course this doesn't help finding the source of the problem, just an idea= =20 for a workaround. regards, Valient |