Hello all
i have a question. An application want to access an ecryptfs protected
file;
then Ecryptfs retrieves the metadata bound to the file and decrypts the FEK
using a matched key in the user ?keyring; finally Ecryptfs setup a
cryptographic context and the inode for the requested file becomes active.
The
file can be read from all applications that have permission using the same
cryptographic context, if i'm not wrong. There's a way to block at this
point
the decryption using for example a per-application policy?
Is this the better point where it's possible to insert a "policy manager",
eventually modifying the original code?
Thanks
(sorry if you see more copies of this email, i'm not sure it has been sent
in the previous attempt)
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
eCryptfs-users mailing list
eCryptfs-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
