On Tue, Jan 19, 2016 at 12:22 AM, <wabenbau@×××××.com> wrote:
>
> I'm an absolute windows noop. I only use it for graphics work. I even
> didn't know that such a kind of file sharing is possible with it. :-)
>

No worries - I think that is a great place to be. However, it is
useful to understand what ideas are out there, since some of them are
actually good ones.

The foundation of these kinds of features in windows is that their
user IDs are essentially GUIDs (a combination of an authentication
server and a unique ID I believe):
https://en.wikipedia.org/wiki/Security_Identifier

This is in contrast to a linux UID, which is just a small number. You
might be UID 0 on your box, and I'm UID on mine. The UID of the
administrator account of every windows box out there is unique. That
avoids all kinds of issues, like the whole nfs root-is-nobody design.
You can "chown" a windows file to a UID which isn't native to the
machine - the machine would authenticate anybody trying to read it
against the machine that assigned the UID.

It isn't perfect, but it seems like a better foundation for this sort of thing.

>
> That's right. I think that the effort and the outlay to implement all
> these features into Linux is relatively high. It seems that no vendor
> is willing to assume such a financial risk.
>
> Maybe it is time for another crowdfunding campaign? ;-)
>

Well, changing how user IDs work would be a big task (as far as I'm aware).

However, the bit about Bitlocker isn't actually. You just need to use
trusted grub, some vanilla kernel config options, and probably some
logic in the initramfs and userspace. There is already a linux
solution for TPM at every layer of the boot chain, which allows a
userspace program in an initramfs to store an encryption key in the
TPM and retrieve it only if the boot chain isn't tampered with. You
just need to put together the pieces.

I could probably hack something together in a few days. The trick is
getting it to survive things like kernel updates and for it to be
robust. You need to ensure that anything that legitimately changes
your boot chain updates all the settings in the TPM so that on the
next boot the keys are still delivered. Otherwise your drive becomes
unreadable, and difficult to recover (well, unless you escrow the
encryption keys somewhere, which you certainly can do).

--
Rich
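The seal-to-boot-measurements idea Rich describes, and the kernel-update failure mode he warns about, as an added illustration that is not code from this thread: a small Python model of TPM PCR extend and PCR-bound sealing. The TPM secret, boot component names and "LUKS key" are all constructed values; a real TPM does the HMAC/policy step in hardware, this only mirrors the logic.

```python
import hashlib
import hmac


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    # TPM extend: PCR_new = H(PCR_old || H(component)); order-dependent, not reversible.
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot_chain(components) -> bytes:
    # Each stage measures the next one (firmware -> grub -> kernel -> initramfs).
    pcr = b"\x00" * 32
    for c in components:
        pcr = pcr_extend(pcr, c)
    return pcr


def seal(key: bytes, pcr: bytes, tpm_secret: bytes) -> dict:
    # Bind the key to the expected PCR value: the wrapping key is derived from
    # a secret that never leaves the "TPM" plus the policy (the PCR digest).
    policy = hashlib.sha256(b"PolicyPCR" + pcr).digest()
    kek = hmac.new(tpm_secret, policy, hashlib.sha256).digest()
    return {"policy": policy, "blob": bytes(a ^ b for a, b in zip(key, kek))}


def unseal(sealed: dict, pcr: bytes, tpm_secret: bytes):
    # Key is released only if the current PCR reproduces the sealed policy.
    policy = hashlib.sha256(b"PolicyPCR" + pcr).digest()
    if not hmac.compare_digest(policy, sealed["policy"]):
        return None  # boot chain differs from what the key was sealed against
    kek = hmac.new(tpm_secret, policy, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(sealed["blob"], kek))


def demo():
    tpm_secret = b"constructed-tpm-storage-secret"            # constructed
    luks_key = hashlib.sha256(b"constructed luks master key").digest()
    chain_v1 = [b"firmware", b"grub", b"vmlinuz-old", b"initramfs-old"]  # constructed
    chain_v2 = [b"firmware", b"grub", b"vmlinuz-new", b"initramfs-new"]  # constructed
    sealed = seal(luks_key, measure_boot_chain(chain_v1), tpm_secret)
    boots_ok = unseal(sealed, measure_boot_chain(chain_v1), tpm_secret) == luks_key
    # A kernel update (or a tampered initramfs) changes the PCR; the old seal
    # no longer releases the key and the disk is unreadable without escrow.
    after_update = unseal(sealed, measure_boot_chain(chain_v2), tpm_secret)
    # The update hook must reseal to the new expected PCR while it still has the key.
    resealed = seal(luks_key, measure_boot_chain(chain_v2), tpm_secret)
    resealed_ok = unseal(resealed, measure_boot_chain(chain_v2), tpm_secret) == luks_key
    return boots_ok, after_update, resealed_ok
```

`demo()` returns `(True, None, True)`: the sealed key is released on the measured chain, withheld after the chain changes, and released again once the update hook reseals it.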