Originally posted by k1e0x
In the past I have done UID 1 over the wire. OK, I do want better protections than what I was using back then.
Systemd homed's means to find an unused local UID and create a user allows you to dig yourself out of a hole when a UID conflict hits.
Sysadmin goes to change /etc, creates a new snapshot of /etc.
Sysadmin does all needed changes in the /etc snapshot directory; this would allow the administrator to save partway through a configuration change without affecting anyone.
Sysadmin is able to run a contained test run on this new snapshot.
Sysadmin is able to issue a go-live command to switch the system in one instant switch from the old configuration snapshot to the new configuration snapshot, so removing the state problem.
This is not talking about underprivileged users. This is talking about a privileged user/application modifying /etc while an unprivileged application is reading from /etc. The unprivileged application may in fact read only part of the changes made by the privileged one. This is the /etc state problem. The same happens with the Windows registry. This is a form of race condition bug.
There is a way to solve this these days with some form of snapshotting.
I think the model for Desktop Unix has been so bused trying to get all the Unix variants to play nice and operate with the likes of Microsoft .. I'm not really sure what the proper modern example of that would be anymore.. Solaris? macOS? You got me.. RedHat accurately sees this problem, however their solution seems to stray from other examples and the historical pretty far. It is a Microsoft/Millennial solution to a very old problem and they need to go back and really think about what they are trying to do.
In all that Oracle and Sun mess, find me a single FIPS certificate covering the ZFS encryption or the checksums. ZFS was bespoke uncertified junk encryption and checksums when Sun and Oracle did it.
Now if ZoL cannot afford to pay as a project, it needs to get the encryption and checksums out of itself somehow and processed in something that some other party is paying the FIPS certification for.
The person doing this failed to understand why encryption with compression is not recommended without serious review. Talking about putting encryption and compression into a single solution is a path to hell. https://en.wikipedia.org/wiki/Known-plaintext_attack A known-plaintext attack can be a side effect of the wrong form of compression used with your encryption.
Yes, deduplication also gives you clues for a possible plaintext attack.
Basically, everything you have written as a so-called nice feature for an encrypted file system I read as: this needs massive review yesterday. Not a nice design to validate at all, so flaws are likely.
Sorry, that video does not make me happier. That complete video is basically a dumpster fire of all the things that you should not do when implementing an encrypted file system unless you have serious money to pay for a massive review. Because there are so many creative ways it can screw up.
A fun one I had once was an AES-encrypted 7z archive that was going onto an AES-encrypted volume. Guess what: I lucked out in the worst possible way when I performed a system check for classified data. A few files were just stored inside the 7z, not compressed. The result was horrible: I lucked out with a mirror, as in one AES key encoded the data, then the second AES key that was meant to encode the data again instead decoded it. So what was meant to be encrypted data was in fact sent to disc as plain text. This was using all certified stuff, just using it in a risky way.
Your risks with encryption go up a lot when what you are using has not been properly certified; there are so many minor ways you can screw encryption up completely and not notice for ages.
The ZFS solution for encryption is bespoke junk in the highly dangerous class.
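
The snapshot, test and go-live sequence for /etc described in the post above, as an added example that is not part of the original post. It stands in a symlink swap done with a single rename for "some form of snapshotting"; the scratch directory layout, the `cfg_*` function names, `app.conf` and the validation check are all assumptions, and `mv -T` requires GNU coreutils.

```shell
#!/bin/sh
# Added example: atomic go-live for a config tree using a symlink swap.
# Layout (constructed, in a scratch directory, not the real /etc):
#   $ROOT/snapshots/<name>/             one config generation per directory
#   $ROOT/current -> snapshots/<name>   the only path readers open

cfg_init() {        # cfg_init ROOT : create the first generation "gen1"
    root=$1
    mkdir -p "$root/snapshots/gen1"
    printf 'listen=8080\nworkers=2\n' > "$root/snapshots/gen1/app.conf"
    ln -s snapshots/gen1 "$root/current"
}

cfg_snapshot() {    # cfg_snapshot ROOT NEW : copy the live generation to NEW
    root=$1; new=$2
    live=$(readlink "$root/current")
    cp -a "$root/$live" "$root/snapshots/$new"
}

cfg_validate() {    # cfg_validate DIR : hypothetical contained test run
    # Stand-in check: both keys must be present before go-live is allowed.
    grep -q '^listen=' "$1/app.conf" && grep -q '^workers=' "$1/app.conf"
}

cfg_go_live() {     # cfg_go_live ROOT NEW : switch generations in one rename(2)
    root=$1; new=$2
    cfg_validate "$root/snapshots/$new" || return 1
    ln -s "snapshots/$new" "$root/current.tmp.$$" || return 1
    # mv -T renames the temporary link over "current". A reader resolving
    # "current" gets the old or the new generation, never a half-edited one.
    mv -T "$root/current.tmp.$$" "$root/current"
}

cfg_live() {        # cfg_live ROOT : print the generation that is live now
    readlink "$1/current"
}
```

A reader only gets the all-or-nothing view if it resolves `current` once per configuration load and reads every file from that resolved directory; reopening `current/...` for each file can still straddle a switch.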