[lug] securing files

Nate Duehr nate at natetech.com
Mon Apr 22 18:24:42 MDT 2002


Yeah, I was kinda sliding towards a "this might work okay, but isn't what you
really want 'cause it can't be done" type of reply, but I got busy at work
couldn't finish the mail.

Figured if CFS meets a few of his goals, he might convince the boss that it's
"good enough" for what they're trying to accomplish... ????  And if nothing
else, it's interesting reading about how it works and how to set it up!  :-)

:-)

Nate, nate at natetech.com

"D. Stimits" wrote:

> Nate Duehr wrote:
> >
> > Not sure how well it's supported these days, but the CFS (Cryptographic
> > File System) might be useful.
>
> The document could still be copied during times that the CFS is mounted.
> What might be interesting is a dedicated CFS app that reads raw data
> from a partition that is not mounted, but then there is still a problem
> with screenshots, and depending on circumstances, copy/paste. CFS is
> good if you can guarantee that users are watched while the CFS is
> mounted; one can then relax after the umount, and not worry about copy
> (but gpgp can do this on a per-file basis, CFS is good for an entire
> partition).
>
> D. Stimits, stimits at idcomm.com
>
> >
> > Nate, nate at natetech.com
> >
> > Hugh Brown wrote:
> >
> > > I have some files that were acquired under agreement that they be
> > > completely confidential, only accessed by people on the project, and
> > > never transported unless encrypted.
> > >
> > > Right now they are on an NFS share.  I'd like to make it so that the
> > > files can't be copied anywhere but can still be read by the appropriate
> > > people.
> > >
> > > Any ideas?
> > >
> > > Hugh
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug




More information about the LUG mailing list