On Thu, 2004-01-22 at 12:56, Michael Halcrow wrote: > Good. I agree that loop-aes and cfs are both insufficiently > transparent. How about the ability to right-click on a file in > konqueror or nautilus, select ``Encrypted'', and then have all > encryption and decryption take place for that one file, transparently > to any end user applications?
Exactly. Likewise, nautilus and the KDE equivalent responsible for the desktop should be monitoring D-Bus or en equivalent. When a program tries to interact with the encypted file/directory, a message should be sent out. If a program responds saying it can handle the password request, the kernel described what info it wants. If no program takes responsibility, a system error is generated. Bash should be patched for the command line only types. A proxy should be available so that password requests can be passed back through X or the ssh key agent. It should only do so if it can guarantee transport security. Obviously, some resolution algorithm will be needed if multiple programs volunteer to prompt for password. -- Stuart Jansen <[EMAIL PROTECTED], AIM:StuartMJansen> âThe programmer, like the poet, works only slightly removed from pure thought-stuff. He builds his castles in the air, from air, creating by exertion of the imagination. Few media of creation are so flexible, so easy to polish and rework, so readily capable of realizing grand conceptual structures.â -- Fredrick Brooks, Mythical Man Month
signature.asc
Description: This is a digitally signed message part
____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
