FUD about CGD and GBDE

Alexey Neyman alex.neyman at auriga.ru
Thu Mar 3 12:21:15 GMT 2005 

I think the original author expressed the following concern:

- without the GBDE, a failure to write meta-data for a file (say, 
'atime' for /etc/passwd) will not result in an unusable system. 
Whether it was written or not does not matter much: either way, the 
links to actual file blocks remain intact, and the file itself is 
preserved.

- with the GBDE, updating atime on /etc/passwd could result in a 
mismatch between the key to a certain sector (containing the inode 
for /etc/passwd) and the sector itself. This way, one won't be able 
to decrypt the sector and all information in that sector (including 
the pointers to file blocks) is lost.

Regards,
Alexey.

On Thursday 03 March 2005 15:04, Bernd Walter wrote:
> On Thu, Mar 03, 2005 at 01:30:15AM +0100, Poul-Henning Kamp wrote:
> > In message <20050302162928.0916237012 at arioch.imrryr.org>, Roland 
Dowdeswell wri
> > tes:
> > 
> > >Let's discuss a simple example and see how it works.  Let's walk
> > >through a user login, with /etc/passwd on GBDE and the filesystem
> > >mounted with mtime.
> > 
> > These days, on the majority of low cost disks used in enduser
> > configurations you risk looking an entire track if the disk were
> > writing when you pulled power.  (People complain about this, but
> > doesn't seem to be willing to pay to avoid it.)
> 
> No matter what disk you take - writes never have been atomic.
> The major difference I see is that you get a read error back in
> the disk failure case, while such a crypto failure produces more or
> less random data without any error.
> Mounting unclean filesystems rw for bg_fsck can be considered
> dangerous with such unexpected data corruption.
> And how would you know that a restore from backup is required for
> a damaged file?
> 
> -- 
> B.Walter                   BWCT                http://www.bwct.de
> bernd at bwct.de                                  info at bwct.de
> 
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to 
"freebsd-hackers-unsubscribe at freebsd.org"
> 

-- 
We are intelligent and clever, though you would never call us cunning.
                        -- Spathi, SC2

More information about the freebsd-hackers mailing list