I didn't see how backups are done in a way that will preserve the encryption. From what I remember of EFS, it provides a flag on the open that says whether the reader is getting the plaintext or the encrypted bits. Backup utilities would read (and restore) encrypted bits. This seems like a useful feature.

Radia
Radia Perlman wrote:
> I didn't see how backups are done in a way that will preserve the
> encryption. From what I remember of EFS, it provides a flag on the open
> that says whether the reader is getting the plaintext or the encrypted
> bits. Backup utilities would read (and restore) encrypted bits. This
> seems like a useful feature.

That isn't in scope for phase 1 of the ZFS crypto project. Backup and ZFS is already very complex and in my opinion not well thought out. Part of this is because Sun doesn't actually produce any enterprise backup solutions and instead depends on products like Legato Networker and Veritas NetBackup. The backup of encrypted bits isn't too hard but the restore is very complex, and made even more complex by existing ZFS backup issues related to snapshots, clones, dataset properties. So I'd really like to leave this as out of scope for phase 1 until we have a better idea of how ZFS is really going to be backed up in a way that dataset and pool properties, clones, snapshots are understood by the backup software.

--
Darren J Moffat
In order to allow meta-data like directory contents to be seen by backup tools but file contents not to be seen by backup tools we'll need separate keys for meta-data and file data contents. Also, we'll need to figure out what meta-data has to be protected with per-file data keys. For example, file length should be protected with the file's data key so that backup operators can't mount truncation attacks. File names are much harder to protect that way because of POSIX hard links -- this particular problem makes me think that per-dataset keying, with zfs send (with encrypted blocks, not cleartext, as in the proposed phase1 of ZFS crypto) may be the way to go. The ZFS philosophy is "datasets are cheap, so just create more when you need them" and that may be good enough for many uses of ZFS crypto.

Nico
--
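To make the truncation point concrete, here is an added example (not ZFS code, and not from anyone in this thread) of why per-block authentication alone is not enough when a backup operator handles the encrypted bits. It assumes a toy per-file key, a 16-byte block size, and HMAC-SHA256 standing in for the real cipher and MAC; the only thing it demonstrates is that authenticating the file length under the file's data key turns a silently shortened restore into a detected failure.

```python
from __future__ import annotations
import hashlib
import hmac
import struct

BLOCK = 16  # tiny block size so a short sample file spans several blocks (constructed)

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 as PRF/MAC; a stdlib stand-in for the AES modes a real filesystem would use."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def seal_block(file_key: bytes, index: int, chunk: bytes) -> bytes:
    """Encrypt one block under the file's data key and tag it with its index: ct | tag(32)."""
    idx = struct.pack(">Q", index)
    ct = bytes(a ^ b for a, b in zip(chunk, prf(file_key, b"enc", idx)))
    return ct + prf(file_key, b"mac", idx, ct)

def open_block(file_key: bytes, index: int, blob: bytes) -> bytes | None:
    """Verify a block's tag, then decrypt; None on any modification."""
    idx, ct, tag = struct.pack(">Q", index), blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(file_key, b"mac", idx, ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, prf(file_key, b"enc", idx)))

def seal_file(file_key: bytes, data: bytes) -> dict:
    """The 'encrypted bits' a backup tool stores: per-block ciphertexts plus the
    file length authenticated under the same per-file key."""
    blocks = [seal_block(file_key, i, data[o:o + BLOCK])
              for i, o in enumerate(range(0, len(data), BLOCK))]
    length = struct.pack(">Q", len(data))
    return {"length": length, "length_tag": prf(file_key, b"len", length), "blocks": blocks}

def restore_file(file_key: bytes, enc: dict, check_length: bool) -> bytes | None:
    """Decrypt after restore. With check_length=False only per-block tags are checked,
    so a copy missing its trailing blocks still decrypts cleanly (the truncation problem)."""
    out = b""
    for i, blob in enumerate(enc["blocks"]):
        chunk = open_block(file_key, i, blob)
        if chunk is None:
            return None
        out += chunk
    if check_length:
        if not hmac.compare_digest(enc["length_tag"], prf(file_key, b"len", enc["length"])):
            return None
        if struct.unpack(">Q", enc["length"])[0] != len(out):
            return None
    return out

def truncation_outcome(file_key: bytes, data: bytes, drop_blocks: int) -> tuple:
    """Restore a backup copy with its last `drop_blocks` blocks missing, with and
    without the authenticated length; returns (unprotected_result, protected_result)."""
    enc = seal_file(file_key, data)
    cut = dict(enc, blocks=enc["blocks"][:-drop_blocks])
    return restore_file(file_key, cut, False), restore_file(file_key, cut, True)
```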