Encrypting user data on per-app basis?
Ryan Gonzalez
rymg19 at gmail.com
Tue Sep 3 02:47:33 UTC 2019
Apps already can't access each others data by default, even with
--filesystem=home.
On Mon, Sep 2, 2019, 5:59 AM Bastien Nocera <hadess at hadess.net> wrote:
> Hey,
>
> Would it be a good idea to encrypt each application's private store of
> files and data in the user's home directory, when storing it on-disk?
>
> ext4 and some other filesystems allow per-directory encryption and
> ~/.var/app/<app-id>/ could be marked to be encrypted pretty easily when
> the directory is first created.
>
> This would avoid applications being able to access each other's data,
> but I'm not certain whether decryption can be made so that the files
> are only accessible within the namespace. I'm also not sure where we'd
> store the keys in a way that didn't make it accessible to most apps.
>
> Any ideas?
>
> Cheers
>
> _______________________________________________
> Flatpak mailing list
> Flatpak at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/flatpak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/flatpak/attachments/20190902/52db94b2/attachment.html>
More information about the Flatpak
mailing list