I think you said in an earlier message that you didn't plan on doing
per-directory encryption. That actually sounds like a pretty useful feature -
something like the sticky bit could make all files created inside
automatically encrypted under the same key.
Also, have you worked out the threat model? It seems not at all obvious to
me. I can keep my encrypted data safe from burglars who steal my machine, but
if they leave it where it is and just compromise it, they can pretty easily
get all existing data as well as future data.
-J
____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
