FUD about CGD and GBDE
Alexey Neyman
alex.neyman at auriga.ru
Thu Mar 3 12:21:15 GMT 2005
I think the original author expressed the following concern:
- without the GBDE, a failure to write meta-data for a file (say,
'atime' for /etc/passwd) will not result in an unusable system.
Whether it was written or not does not matter much: either way, the
links to actual file blocks remain intact, and the file itself is
preserved.
- with the GBDE, updating atime on /etc/passwd could result in a
mismatch between the key to a certain sector (containing the inode
for /etc/passwd) and the sector itself. This way, one won't be able
to decrypt the sector and all information in that sector (including
the pointers to file blocks) is lost.
Regards,
Alexey.
On Thursday 03 March 2005 15:04, Bernd Walter wrote:
> On Thu, Mar 03, 2005 at 01:30:15AM +0100, Poul-Henning Kamp wrote:
> > In message <20050302162928.0916237012 at arioch.imrryr.org>, Roland
Dowdeswell wri
> > tes:
> >
> > >Let's discuss a simple example and see how it works. Let's walk
> > >through a user login, with /etc/passwd on GBDE and the filesystem
> > >mounted with mtime.
> >
> > These days, on the majority of low cost disks used in enduser
> > configurations you risk looking an entire track if the disk were
> > writing when you pulled power. (People complain about this, but
> > doesn't seem to be willing to pay to avoid it.)
>
> No matter what disk you take - writes never have been atomic.
> The major difference I see is that you get a read error back in
> the disk failure case, while such a crypto failure produces more or
> less random data without any error.
> Mounting unclean filesystems rw for bg_fsck can be considered
> dangerous with such unexpected data corruption.
> And how would you know that a restore from backup is required for
> a damaged file?
>
> --
> B.Walter BWCT http://www.bwct.de
> bernd at bwct.de info at bwct.de
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to
"freebsd-hackers-unsubscribe at freebsd.org"
>
--
We are intelligent and clever, though you would never call us cunning.
-- Spathi, SC2
More information about the freebsd-hackers
mailing list