[openbeos] Re: BFS and encryption.

On Tue, 2001-10-30 at 13:27, John Gabriele wrote:
> --- Ken Derborg Madsen <kenny@xxxxxx> wrote:
> > 
> > Hi,
> > I was wondering, are you going to make a complete clone of the BFS or 
> > will there be room for changes in it?
> > In this case im thinking, if it would be possible to have some form of 
> > encryption added to the fs?
> > Ofcourse it would be a huge task, but im thinking it would be easier to 
> > do now when your planing instead of later on.
> > 
> > Ken Madsen
> 
> I'm pretty sure this has already been discussed at length here
> on this list but I don't recall the final resolution. Would someone
> mind laying it out on the table so I can immortalize the answer in
> the faq?

I can think of a couple of arguments against:

1) We're trying to build/keep compatibility with BeOS 5, and messing
with the filesystem will kill that.  In R2+, we could design a BFS+ that
supports encryption, but adding too much to R1 will kill it.

2) If you're interested in encrypting single files (which is what a lot
of people are), then a user-land tool is really the way to go.

3) I would argue that a better way to do encrypted filesystem support is
via a "loop-back" driver, ala Linux, that allows an encrypted file to be
"mounted" as an unencrypted file, then the unencrypted file holds a BFS
filesystem.  Once the BFS filesystem has been mounted, the original file
is removed from the user-accessible filesystem.

The second two arguments also allow for more than one or two (or even
all the currently known) encryption algorithms, should something new
(quantum cryptography?) make current encryption methods inadequate.

Just my $0.02,
-- 
Evan Knop <argent@xxxxxxxxxxx>

Other related posts: