Subject: Re: CryptoGraphic Disk.
To: Roland Dowdeswell <elric@imrryr.org>
From: Urban Boquist <urban@boquist.net>
List: tech-security
Date: 10/07/2002 17:02:28
>>>>> Roland Dowdeswell writes:

Roland> I've just committed cgd, the CryptoGraphic Disk.

Great work! Thanks a lot!

I have one question though. I used to use TCFS for a while, and one
really nifty feature it had was that you could "remove" the encryption
key from the kernel without unmounting the file system. Processes that
tried to access the disk when the key was unavailable got read/write
errors.

This was very handy on e.g. a travelling laptop, where you could use
the /etc/apm scripts to simply remove the key automatically when
suspending. Since you didn't need to unmount the file system you also
didn't have to bother finding all processes inside the file system,
kill emacs buffers visiting files inside it, etc. Once resumed you
just re-entered the passphrase and everything was as before again.

Would something like this be possible to add to cgd?

Kind regards,

        -- Urban