[jira] [Commented] (LUCENE-9379) Directory based approach for index encryption

[Robert Muir (Jira)]

    [ 
https://issues.apache.org/jira/browse/LUCENE-9379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17353644#comment-17353644
 ] 

Robert Muir commented on LUCENE-9379:
-------------------------------------

Sorry, the above comment is really wrong. Please see my comments on linked 
issues.

You can definitely manage encryption at multiple levels in the os:
* block level
* filesystem level

Please understand the options available and be educated about this, see: 
https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html
This FS-level crypto subsystem is usable with e.g. ext4 and f2fs filesystems, 
among others. So you can definitely do different stuff per-directory, which 
makes multitenant use-cases easily possible (and from my understanding, was the 
intent of the changes in the first place)

I won't drop my {{-1}} vote on this because folks won't read the documentation 
for their operating system.


> Directory based approach for index encryption
> ---------------------------------------------
>
>                 Key: LUCENE-9379
>                 URL: https://issues.apache.org/jira/browse/LUCENE-9379
>             Project: Lucene - Core
>          Issue Type: New Feature
>            Reporter: Bruno Roustant
>            Assignee: Bruno Roustant
>            Priority: Major
>          Time Spent: 2.5h
>  Remaining Estimate: 0h
>
> +Important+: This Lucene Directory wrapper approach is to be considered only 
> if an OS level encryption is not possible. OS level encryption better fits 
> Lucene usage of OS cache, and thus is more performant.
> But there are some use-case where OS level encryption is not possible. This 
> Jira issue was created to address those.
> ____________________________________________
>  
> The goal is to provide optional encryption of the index, with a scope limited 
> to an encryptable Lucene Directory wrapper.
> Encryption is at rest on disk, not in memory.
> This simple approach should fit any Codec as it would be orthogonal, without 
> modifying APIs as much as possible.
> Use a standard encryption method. Limit perf/memory impact as much as 
> possible.
> Determine how callers provide encryption keys. They must not be stored on 
> disk.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org