My notes on making encrypted filesystems 'Just Work(tm)'
W. Michael Petullo
mike at flyn.org
Wed Dec 15 07:34:30 PST 2004
>>> Once the passphrase has been obtained in the desktop session, then
>>> 'sesame-setup --device=/dev/sda1 --passphrase=mysecret22'
>>> should be run by root.
>> No it should not. NEVER pass a passphrase in an argument.
> The "why" of this, for those who don't know already, is because non-
> privileged users on most machines can view the arguments passed to
> executing processes. Just take a look at ps or top output, for example.
Placing the passphrase in an environment variable is not a safe means
either. Reading a passphrase from stdin is probably best. Another
solution I have seen is providing an environment variable that names a
file to read the passphrase from.
> (NOTE: 1. hald shall only allow console user to do this
> 2. requires new features in hald to callout a program specified
> in e.g. the /etc/hal/methods.d/Crypto/Sesame/Setup file)
How does this /etc/hal/methods.d interface work? I can't find any
documentation about it. I've found a few mentions of a methods.d
directory but no documentation about how it is wired to hald.
hal mailing list
hal at lists.freedesktop.org
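The two approaches suggested in the message above, as an added example in C that is not part of the original post and is not code from sesame-setup or hal: read the passphrase from a file descriptor such as stdin, or from a file named by an environment variable. The function names, and the rule that the file must be owned by the caller with no group or other permissions, are assumptions of this example.

```c
/* Added example: function names and the file-permission policy are assumptions. */
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <termios.h>
#include <unistd.h>

/* Read one line from fd into buf; echo is switched off while fd is a terminal.
 * Returns the passphrase length, or -1 on error, empty input or overflow. */
ssize_t read_passphrase_fd(int fd, char *buf, size_t size)
{
    struct termios saved, quiet;
    int tty = isatty(fd) && tcgetattr(fd, &saved) == 0;
    size_t n = 0;
    ssize_t r = 0;
    char c;
    if (tty) {
        quiet = saved;
        quiet.c_lflag &= ~(tcflag_t)ECHO;
        tcsetattr(fd, TCSAFLUSH, &quiet);
    }
    /* Stop at newline, EOF, read error, or when buf has no room left. */
    while (n < size && (r = read(fd, &c, 1)) == 1 && c != '\n')
        buf[n++] = c;
    if (tty)
        tcsetattr(fd, TCSAFLUSH, &saved);
    if (r < 0 || n == 0 || n == size) {
        memset(buf, 0, size);   /* do not leave a partial secret behind */
        return -1;
    }
    buf[n] = '\0';
    return (ssize_t)n;
}

/* Read from the file named by environment variable var (only the path is in the environment). */
ssize_t read_passphrase_env_file(const char *var, char *buf, size_t size)
{
    const char *path = getenv(var);
    int fd = path ? open(path, O_RDONLY) : -1;
    struct stat st;
    ssize_t n = -1;
    if (fd < 0)
        return -1;
    /* Checks are made on the open descriptor, not on the path. */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) &&
        st.st_uid == geteuid() && (st.st_mode & 077) == 0)
        n = read_passphrase_fd(fd, buf, size);
    close(fd);
    return n;
}
```

A caller would pass STDIN_FILENO to read_passphrase_fd and overwrite the buffer once the passphrase has been handed to the device setup.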