usb flash disk, ext3 file systems, enforcing rights, security
Konstantin Svist
fry.kun at gmail.com
Tue Dec 11 17:55:37 UTC 2007
Mike Wright wrote:
> Paul Johnson wrote:
>> How do you secure privacy of files on a USB stick?
>>
>> The usb flash memory stick works fine if it is VFAT, but what if you
>> are worried you might lose it and then anybody could read your
>> secrets. Or, if you need to share a file to somebody, but don't want
>> them to read everything else, what do you do?
>>
>> I thought I could fix that by putting on an ext3 file system. But it
>> doesn't help. Windows users with IExplore can see all the files, no
>> matter who owns them.
>>
>> On a Linux system, the owners of the files are not recognized. I had
>> forgotten that ext3 uses user numbers, rather than user names, for
>> ownership information. So when I take a disk from one system to the
>> next, then the user is either unrecognized or wrong. Here's a case
>> where it is unrecognized:
>>
>> drwxr-xr-x 3 29999 29999 4096 2007-11-26 19:50 Booger
>>
>> I've seen other cases where another user who happens to have the same
>> user number is given ownership of my files.
>>
>> So, apparently I can't rely on the file system permissions to give me
>> any security.
>>
>> Aside from tarring up stuff that I don't want to be public and
>> encrypting with a gpg signature, I'm stumped on what I should do.
>>
>> Can you put an encrypted file system on a usb flash disk? How?
>>
>
> Hi Paul,
>
> Have you looked at ecryptfs? It lays on top of the underlying
> filesystem so the files would be visible but their contents would
> require a key or passphrase to decrypt.
>
> http://ecryptfs.sourceforge.net/ecryptfs_design_doc_v0_1.pdf
>
> :m)
>
But is it compatible with other OSes? It would be perfect to have
something that allows me to use encryption but still be able to access
my files on mac & windows.
More information about the fedora-list
mailing list