Hans Reiser wrote:
Edward Shishkin wrote:
When you load a key, who can access the file? Only the person who
loaded it, yes or?
Currently standard unix permissions work here.
but the idea is to use keys instead of standard unix permissions....
I think you need to store keys in a per process place, and allow
specifying whether children of a process inherit the keys somehow.
Unfortunately the encrypt-on-flush violates all this beauty: the flush,
which serves all the files, can not look for a key in the process
keyring (*), therefore besides the process keyrings, reiser4 should
create and manage its own keyring (accessible to the flush). It means
additional charges on searching, hashing, updating, etc..
(*) Because:
1) the flush does not have needed task_struct;
2) the flush can not return an error if someone killed the key in
the process keyring.
Edward.
