On Thursday 22 March 2007 20:48:44 Joe Pfeiffer wrote: > It's not necessary (which was one of my goals) -- if the pefs is > mounted, any time the application reads or writes an encrypted file > the Right Thing Happens. An encryption-aware application can request > its databases be saved encrypted; the encryption manager would handle > encrypting databases for unaware applications, after which the > encryption would happen without any help from the application.
I'm not entirely sure why one would need a new FUSE driver then. Can't you just use encfs (I gather you don't want LUKS because it needs setting Filesystem size in advance and I can see why one would want to avoid that [1]) and tell the apps to either use the encrypted tree or not? Then any app can be made to use the encryption features by virtue of providing it with proper paths. Things like unmounting on inactivity etc can easily be handled by a small user space daemon running besides FUSE then. And if you want to provide different levels of security, simply add more trees... [1] From a purely technicaly point of view, I much prefer LUKS to encfs though. I wonder if one could have dynamically growing LUKS volumes inside normal files?
pgprpKxtPlMMM.pgp
Description: PGP signature
_______________________________________________ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community