encrypted filesystem

2002-12-20
2002-12-20
  • Valient Gough
    Valient Gough
    2002-12-20

    First let me say good job mali!

    I found lufs from an announcement a week or two ago and I've started playing with it to implement an encrypted filesystem.  I miss TCFS..

    A patch of my current work is available at http://www.pobox.com/~vgough/lufs  - the latest is changeset 1.10 as a diff from lufs 0.8.3 (lufs-0.8.3-encfs-1.10.patch.bz2).

    I haven't gotten to using decent encryption code yet, so it is using rot13 for the 'encryption' - convenient for testing that things are working, but obviously not secure (it doesn't even require a password to mount).  To use it, build and install it, then "lufsmount encfs:///tmp/crypt-real /tmp/crypt-fake"  , anything added to /tmp/crypt-fake is then stored as rot-13 in the /tmp/crypt-real directory, both filenames and file contents are processed..

    I've a couple questions though:  is it possible that a particular FileSystem instance will be asked to open a file more then once?  That is, will do_open be called in the same thread, for the same file multiple times before a do_release is called, or is that not possible due to the lufs layer?

    Second - I modified lufsmount to add "encfs" as one of the filesystem options.  Is that the right way to add a filesystem, or is it possible to add a filesystem without modifying lufs/util code?

    The other reason I'm writing is to see if anyone else is working on an encrypted filesystem based on lufs.  If you are, please post what you have, or ideas so we can discuss.

    regards,
    Valient Gough