[ecryptfs man page] "ecryptfs_encrypted_view" option desription is wrong
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Fix Released
|
Low
|
Tyler Hicks |
Bug Description
The original kernel patch that introduced this option states
ecryptfs_
- When set, this option causes eCryptfs to present applications a
view of encrypted files as if the cryptographic metadata were
stored in the file header, whether the metadata is actually stored
in the header or in the extended attributes.
No matter what eCryptfs winds up doing in the lower filesystem, I want
to preserve a baseline format compatibility for the encrypted files. As of
right now, the metadata may be in the file header or in an xattr. There is
no reason why the metadata could not be put in a separate file in future
versions.
Without the compatibility mode, backup utilities would have to know to
back up the metadata file along with the files. The semantics of eCryptfs
have always been that the lower files are self-contained units of encrypted
data, and the only additional information required to decrypt any given
eCryptfs file is the key. That is what has always been emphasized about
eCryptfs lower files, and that is what users expect. Providing the
encrypted view option will provide a way to userspace applications wherein
they can always get to the same old familiar eCryptfs encrypted files,
regardless of what eCryptfs winds up doing with the metadata behind the
scenes.
How ever the man page states:
This option, when set, will have eCryptfs return the encrypted versions of the lower files, rather than decrypt
Related branches
Changed in ecryptfs: | |
status: | Confirmed → Triaged |
Changed in ecryptfs: | |
status: | Fix Committed → Fix Released |
Assigning this to myself - I need to update the man page for ecryptfs_ unlink_ sigs, also.