Comments (13)
A critical security vulnerability has been found in securefs version 0.4.0 to 0.6.0. If you have used these version to encrypt your data, please either migrate to the newest version or some other encryption software.
from securefs.
This will impact performance a lot. Especially if we also record access time.
from securefs.
I understand that, so it should be optional and not enabled by default.
I am personally not interested in atime.
from securefs.
It is now implemented in the main branch. Enable it at creation time by the flag "--store_time". Example
securefs c data --store_time
It hasn't been extensively tested.
from securefs.
You have to build the HEAD version if you want to test this feature for now.
from securefs.
Awesome, thanks! I will try it out after the holidays.
from securefs.
Hold on for now. I'm going to make some incompatible changes to the new format.
from securefs.
It should now be stable.
from securefs.
Feedback is welcome 😊
from securefs.
It seems to work great on both local filesystems and a on top of a pCloud mount on Linux.
It does not work on an acd_cli mount however (with or without --store_time):
root@server:~# securefs create --store_time /mnt/acd/.sfs
Password:
Retype password:
terminate called after throwing an instance of 'securefs::POSIXException'
what(): Illegal seek # pwrite
Aborted
After that I can mount it without errors, but when trying to access the mount I get "Input/output error". Not sure if this worked with older versions of either securefs or acd_cli.
from securefs.
Well, that means acd_cli
does not support the necessary filesystem operations securefs
needs to build on. But it is rather odd that the exception is not caught, since the create
command is wrapped in a try-catch block.
from securefs.
Apparently this is a known problem with acd_cli and it's being worked on. I am mainly going to use it with pCloud anyway. Thank you very much for implementing this! Can I consider the on-disk format stable (or forward-compatible) for the foreseeable future?
from securefs.
The on-disk format with encrypted timestamps is now stable. If I want incompatible changes, I will introduce a new format that must be specified on creation.
from securefs.
Related Issues (20)
- SecureFS through crypto wallet? HOT 2
- Share encrypted file HOT 5
- Issue while compiling on raspberry pi 4b or cross-compile HOT 1
- How to deal with long file names HOT 2
- 希望能帮助完成一些工作 HOT 4
- brew install failing on MBP M2 Apple Silicon HOT 2
- Add the option to NOT encrypt filenames HOT 2
- Failing to compile on FreeBSD 13.2 HOT 23
- CryptoppConfig.cmake not found HOT 12
- Use with SFTP HOT 15
- I Forgot the password HOT 3
- followed build instructions, still getting "--vcpkg_root must point to a directory." HOT 3
- Crash. libc++abi: terminating due to uncaught exception... HOT 3
- How to build on Windows? HOT 16
- Destination Path Too Long HOT 5
- Has securefs been proven or analyzed for security? HOT 2
- 有关format 3存储时间戳的作用问题 HOT 2
- Consider not using the string "securefs" in metafiles HOT 3
- Install on Windows HOT 7
- mount in daemon mode like gocryptfs HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from securefs.