Note that the proper way to provide the explicitly listed requirement
is to honor keys in the keyring at file open.
As for MAC integration - does ecryptfs not do xattrs? Or is this yet
another result of the idiotic kthread opening all files for everyeone?
-serge
On Mon, Apr 13, 2009 at 5:36 PM, Dustin Kirkland
<email address hidden> wrote:
> See also Bug #359338.
>
> :-Dustin
>
> --
> ecryptfs should integrate with selinux/apparmor to add MAC to filesystem access
> https://bugs.launchpad.net/bugs/278290
> You received this bug notification because you are a member of eCryptfs
> Developers, which is subscribed to eCryptfs.
>
> Status in eCryptfs - Enterprise Cryptographic Filesystem: Confirmed
>
> Bug description:
> It would be nice if SELinux and/or AppArmor could be used in conjunction with eCryptfs to apply Mandatory Access Controls on ecryptfs mounted filesystems.
>
> In this way, automated backups run by the root user would be prevented from accessing the mounted data in the clear.
>
> :-Dustin
>
Note that the proper way to provide the explicitly listed requirement
is to honor keys in the keyring at file open.
As for MAC integration - does ecryptfs not do xattrs? Or is this yet
another result of the idiotic kthread opening all files for everyeone?
-serge
On Mon, Apr 13, 2009 at 5:36 PM, Dustin Kirkland /bugs.launchpad .net/bugs/ 278290
<email address hidden> wrote:
> See also Bug #359338.
>
> :-Dustin
>
> --
> ecryptfs should integrate with selinux/apparmor to add MAC to filesystem access
> https:/
> You received this bug notification because you are a member of eCryptfs
> Developers, which is subscribed to eCryptfs.
>
> Status in eCryptfs - Enterprise Cryptographic Filesystem: Confirmed
>
> Bug description:
> It would be nice if SELinux and/or AppArmor could be used in conjunction with eCryptfs to apply Mandatory Access Controls on ecryptfs mounted filesystems.
>
> In this way, automated backups run by the root user would be prevented from accessing the mounted data in the clear.
>
> :-Dustin
>