• Is it possible to configure the kernel to allow access to decrypted content only through the user session?

    Theoretically, kernel keys can be set to be readable only by the user session, and, on an uncompromised system, root is not able to read those keys. I can imagine a filesystem encryption design that uses a user session key to en/decrypt data on the fly, such that not even root or a process in another user session could read the mounted filesystem.

    Does such a system exist? As I understand it, this is not how dm-crypt or LUKS work. FDE and TPM are still vulnerable to hacking while everything is running, unlocked, and mounted.
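The keyring behaviour the question leans on (a key in the session keyring, readable by its possessor and by nobody else, not even the same uid in another session) can be demonstrated directly against the kernel. The program below is an added example written for this page, not code from the poster or from any project; it issues the raw add_key(2)/keyctl(2) syscalls with the constants from linux/keyctl.h spelled out, stores a constructed sample payload as a "user" key, restricts the permission mask to the possessor bits only, reads it back from the owning session, then forks a child that joins a fresh session keyring and shows the same uid is refused with EACCES. The key name "fs-session-demo" and the payload are assumptions for the demo. Because container sandboxes commonly block the keyring syscalls (Docker's default seccomp profile returns EPERM, kernels without CONFIG_KEYS return ENOSYS), the demo reports that case as "unavailable" rather than as a failure.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

extern long syscall(long number, ...);   /* glibc prototype, restated so it is visible regardless of include order */

/* Constants from <linux/keyctl.h>, spelled out so this builds without libkeyutils. */
#define KEY_SPEC_SESSION_KEYRING    (-3)
#define KEYCTL_JOIN_SESSION_KEYRING 1
#define KEYCTL_SETPERM              5
#define KEYCTL_READ                 11
#define KEY_POS_ALL                 0x3f000000  /* possessor: view|read|write|search|link|setattr; uid/gid/other: nothing */

typedef int32_t key_serial_t;

/* Outcome codes returned by run_demo(). */
#define DEMO_SHOWN        1   /* possessor read OK, same uid in a fresh session denied with EACCES */
#define DEMO_UNAVAILABLE  0   /* keyring syscalls not usable here (seccomp sandbox, no CONFIG_KEYS, quota) */
#define DEMO_UNEXPECTED  -1   /* keyrings work but permissions did not behave as described */

static const char SECRET[] = "constructed-demo-secret";   /* constructed sample payload, not a real key */

static key_serial_t add_key_sys(const char *type, const char *desc,
                                const void *payload, size_t plen, key_serial_t ring) {
    return (key_serial_t)syscall(SYS_add_key, type, desc, payload, plen, (long)ring);
}

static long keyctl_sys(int cmd, unsigned long a2, unsigned long a3, unsigned long a4) {
    return syscall(SYS_keyctl, cmd, a2, a3, a4, 0UL);
}

int run_demo(void) {
    char buf[64];

    /* Start a fresh, anonymous session keyring so the demo does not touch the caller's session. */
    if (keyctl_sys(KEYCTL_JOIN_SESSION_KEYRING, 0, 0, 0) < 0) {
        perror("join session keyring");
        return DEMO_UNAVAILABLE;
    }

    /* Key name "fs-session-demo" is an assumption for this demo. */
    key_serial_t key = add_key_sys("user", "fs-session-demo", SECRET, sizeof SECRET,
                                   KEY_SPEC_SESSION_KEYRING);
    if (key < 0) {
        perror("add_key");
        return DEMO_UNAVAILABLE;
    }

    /* Possessor-only mask: the uid/gid/other bits are zero, so reaching the key by serial from
       outside the session gives no rights at all, whatever the caller's uid. */
    if (keyctl_sys(KEYCTL_SETPERM, (unsigned long)key, KEY_POS_ALL, 0) < 0) {
        perror("setperm");
        return DEMO_UNEXPECTED;
    }

    /* The owning session possesses the key through its session keyring, so reading succeeds. */
    long n = keyctl_sys(KEYCTL_READ, (unsigned long)key, (unsigned long)buf, sizeof buf);
    if (n != (long)sizeof SECRET || memcmp(buf, SECRET, sizeof SECRET) != 0)
        return DEMO_UNEXPECTED;

    pid_t pid = fork();
    if (pid < 0)
        return DEMO_UNEXPECTED;
    if (pid == 0) {
        /* Child: same uid, but it joins a new session keyring and thereby stops possessing the key. */
        if (keyctl_sys(KEYCTL_JOIN_SESSION_KEYRING, 0, 0, 0) < 0)
            _exit(3);
        long r = keyctl_sys(KEYCTL_READ, (unsigned long)key, (unsigned long)buf, sizeof buf);
        if (r < 0 && errno == EACCES)
            _exit(0);               /* expected: no possessor, no uid bits -> EACCES */
        _exit(r < 0 ? 2 : 1);       /* 1: read succeeded (wrong), 2: some other error */
    }

    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return DEMO_UNEXPECTED;
    return WEXITSTATUS(status) == 0 ? DEMO_SHOWN : DEMO_UNEXPECTED;
}

int main(void) {
    int rc = run_demo();
    printf("possessor-only session key demo: %s\n",
           rc == DEMO_SHOWN ? "other session denied (EACCES), owning session read OK"
         : rc == DEMO_UNAVAILABLE ? "keyring syscalls unavailable in this environment"
         : "unexpected keyring behaviour");
    return rc == DEMO_UNEXPECTED ? 1 : 0;
}
```

Two caveats a practitioner should keep in mind when reading the result. First, this shows the permission model of the keyring itself, not a filesystem built on it: a key that a filesystem driver uses to decrypt data on the fly is held in kernel memory for as long as the mount is active, and the possessor-only mask says nothing about who can read the decrypted file contents through the VFS. Second, the check is ordinary key permission, not a capability override: the child is refused because it neither possesses the key nor has any uid bits, and a root process in another session is refused for the same reason, but root that can ptrace the owning process, read /dev/mem, or load a module is outside what this mask can protect against.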