[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] robustness of encrypted partitions

Malte Gell wrote:

On Thursday 06 October 2005 19:35, Rainer Duffner wrote:
Malte Gell wrote:

I guess encrypted partitions / files (mounted as encrypted virtual
disk) are vulnerable regarding unclean unmounts, so does using the
"sync" option add much more safety to encrypted partitions / files?

I used it about a year on different laptops (/home encrypted).
No problems.

But it didn't crash that often anyway...

OK, but this means it DID crash and survived?

A couple of times.
But I really didn't have to turn it off hard (which is the main reason for an unclean shutdown) very often. Also, once you know that Suspend to Disk et.al don't work, you don't try it again and again ;-)

Did e2fsck or similar successfully run on that partition? What version of SuSE did you use?

Started with 9.0 or so, IIRC (on a Dell Inspiron 4000).
Then 9.1 and then 9.2.
Or it was only 9.1 and then came the new laptop (FSC Lifebook 8010E, which also wouldn't ACPI-S3 or S4 correctly grr) where I installed 9.2.

Now it runs FreeBSD 6.0, because (among other things) it runs way-way-way faster (and I don't need VMware that desperately anymore, which was the number two reason to choose SuSE - number one was encrypted /home, which I tried with FreeBSD 5.4 but wouldn't work correctly).

AFAIK the crypto subsystem has changed after 9.2/9.3 (am still on 9.0).

I'd go with 9.2, it's the fastest. 9.3 was actually slower for me and things like SXGA+ resolution (which worked on 9.2) actually stopped working...
Maybe I'll try 10 again.


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here