Red Hat Bugzilla – Bug 78544
[RFE] add encrypted file system support
Last modified: 2007-04-18 12:48:41 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830
Description of problem:
Encrypted file system support is becoming a feature necessary in securing
systems - it's being adopted by other distributions and is a standard feature
available on many operating systems (especially the dominant Windows 2000/XP).
This is particularly handy for the enterprise in adopting Red Hat Linux
installed on laptops and mobile computing devices that could potentially handle
important data that should not fall into the wrong hands.
There are various methods and drivers that currently work with the Linux kernel
- some are non-interference implementations (mostly reside in the user level and
are easily modified/setup via the loopback device). Some are on the low-level
parts of the kernel - which could cause problems in kernel maintenance and
As it stands, adding a kernel "hook" for a usermode driver, and adding user-land
utilities to setup loopback devices and a simple loopback file to store
encrypted data would be a big plus, since the operating system itself does not
necessarily be encrypted (for speed purposes). Only sections of the operating
system needs to be encrypted, as well as some installed applications
(/etc/passwd, /opt/secure??) would need to be encrypted.
I believe a nicely streamlined setup application combined with this module would
help Red Hat Linux adoption for mobile computing devices and laptops.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. see description.
Actual Results: No existence of a method to encrypt file system data.
Expected Results: kernel level support for encrypted file systems.
user-level applications to setup encrypted file systems.
ehm please check again; the 8.0 kernel HAS loop encryption support
In reference to Bug 56698, the distribution should have a method of configuring
an encrypted file system. I am currently working on a GTK2 application that
will handle this on a per-user level (configurable by root) - however,
non-functional (out-of-the-box) loopback encryption support for filesystems _in
the distribution_ prevents this capability (as it stands).
Should this be Bill's RFE bug?
Elliot, can we pull in the util-linux bits?
Would like to use whatever the upstream util-linux maintainer decides to accept.
I will e-mail him again to find out what the status is.
Until there's a util-linux with crypto support included, I don't want to add support in the RH
package by choosing from the umpteen patch sets out there.
*** This bug has been marked as a duplicate of 56698 ***