I know at least several technologies that protect "data at rest" , such as dm-crypt, tomb, eCryptfs.
The problem with dm-crypt or eCrypts that since file system is mounted, all logged users, including attackers can read files.
But I did not find anything that protects data at run, i.e decrypts only file read request using user key.
Please advise,
Lev
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il