Data security
Lamarque V. Souza
lamarque at kde.org
Fri Jan 6 00:35:34 UTC 2012
Em Thursday 05 January 2012, Ivan Čukić escreveu:
> > that was before encfs was invented. So at least all of home - not sure
> > any more about /
>
> Since encfs is a fuse system, it should (I haven't tested) be slower
> than kernel-space encryption.
>
> > But your encfs solution sounds good if that is really possible to get
> > each activity encrypted and gives the possibility that a user says he
> > doesn't care about encryption (/me belongs to those as I know that it
> > can be broken). It would also reduce the RAM attack vector to just the
> > current loaded activity
>
> For me, it could be just a simple (ui-wise) question in the activity
> settings dialogue. I'll just need to investigate how to invoke fuse
> and not deal with execution via shell which would be sucky :)
I tried to mount my ntfs-3g partition, ntfs-3g also uses fuse. Well,
mount+fuse does not like non-root users:
[lamarque at evolucao ~]$ qdbus --system org.freedesktop.UDisks
/org/freedesktop/UDisks/devices/sda1
org.freedesktop.UDisks.Device.FilesystemMount ntfs-3g '(' ')'
Error: org.freedesktop.UDisks.Error.Failed
Error mounting: mount exited with exit code 1: helper failed with:
mount: only root can mount /dev/sda1 on /mnt/winboot
Even after adding the option 'users' in /etc/fstab the command above
returns the same message. Even dolphin cannot mount it and it mounts other
filesystems if they have the 'users' option.
I am afraid you will have to use sudo to mount a filesystem that uses
fuse. Something like this in /etc/sudoers should allow users from a specific
group to mount using fuse:
%myGroup LOCALHOST=NOPASSWD: /bin/mount -t encfs
%myGroup LOCALHOST=NOPASSWD: /bin/umount <mount point>
Then run:
sudo mount -t encfs -o <options> /dev/sda2 <mount point>
Using a QProcess. I think QML does not support running external
programs, right?
--
Lamarque V. Souza
KDE's Network Management maintainer
http://planetkde.org/pt-br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/active/attachments/20120105/d3dd47b7/attachment.html>
More information about the Active
mailing list