Will eCryptfs by itself protect all my data?

Asked by Dustin Kirkland 

eCryptfs is just one component in a comprehensive set of mechanisms to protect the confidentiality of your data. Simply mounting eCryptfs over a directory in your home directory will probably not provide sufficient coverage for everything your applications will write to disk. For instance, applications that produce and store thumbnails of your images may write the thumbnails to an unprotected location.

Sensitive application data will typically wind up in the following locations, although some applications will write data to other locations not listed here:

    * Anywhere in your home directory
    * The /tmp directory
    * The /var directory
    * The swap device

The /tmp directory and the swap device can be easily protected with dm-crypt using a key randomly generated when the system is booted, since the information in those locations does not need to persist between reboots. eCryptfs must mount the /var directory prior to any daemons or other system applications reading from or writing to that location (including the syslog utility). eCryptfs must also mount over the user's home directory prior to the user logging into the system.

You will need to consider other applications that diverge from traditional paths for storing data on a case-by-case basis. Analyzing application behavior with the kernel auditing system is one way to profile the behavior of an application, and explicit SELinux rules that only allow applications to write to encrypted mountpoints help prevent inadvertent information leakage. We recommend always using eCryptfs together with appropriate Mandatory Access Control (MAC) mechanisms to ensure that your sensitive data is always encrypted.

Proper deployment of a comprehensive per-file encryption mechanism is a task best tackled by the entire Linux distribution. The eCryptfs team is working closely with various major Linux distributions to help ensure that eCryptfs is properly used as one component of a comprehensive data protection strategy.

Question information

Language: English
Status: Solved
For: eCryptfs
Assignee: No assignee
Solved by: Dustin Kirkland
Dustin Kirkland  (kirkland) said :
#2

From the FAQ.
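
Added example (not part of the original thread and not eCryptfs project code): a Python check that takes mount and swap tables in /proc/mounts and /proc/swaps format and reports, for each kind of location the FAQ lists, whether it sits on an eCryptfs mount or a dm-crypt device. The sample tables, the user alice, the checked paths (including the thumbnail directory) and the set of dm-crypt device names are constructed assumptions.

```python
# Constructed sample data, not captured from a real system.
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/mapper/crypttmp /tmp ext2 rw,relatime 0 0
/home/alice/.Private /home/alice/Private ecryptfs rw,relatime 0 0
"""
SAMPLE_SWAPS = """\
Filename Type Size Used Priority
/dev/dm-1 partition 2097148 0 -2
"""
# Assumption: device nodes already known to be dm-crypt mappings, e.g. resolved
# from `dmsetup ls --target crypt`. The names here are hypothetical.
SAMPLE_CRYPT_DEVS = {"/dev/mapper/crypttmp", "/dev/dm-1"}
SAMPLE_PATHS = ["/home/alice/Private/notes.txt", "/home/alice/.thumbnails",
                "/tmp", "/var/log"]

def parse_mounts(text):
    """Return [(device, mountpoint, fstype)] from /proc/mounts-format text."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            # /proc/mounts escapes spaces in paths as \040
            rows.append((fields[0], fields[1].replace("\\040", " "), fields[2]))
    return rows

def backing_mount(path, mounts):
    """Longest-prefix mount covering path; a later entry wins ties (stacked mounts)."""
    best = None
    for dev, mnt, fstype in mounts:
        if path == mnt or path.startswith(mnt.rstrip("/") + "/"):
            if best is None or len(mnt) >= len(best[1]):
                best = (dev, mnt, fstype)
    return best

def audit(mounts_text, swaps_text, crypt_devs, paths):
    """Map each path (and 'swap') to True if it is backed by encrypted storage."""
    mounts = parse_mounts(mounts_text)
    report = {}
    for p in paths:
        m = backing_mount(p, mounts)
        report[p] = bool(m) and (m[2] == "ecryptfs" or m[0] in crypt_devs)
    # Skip the /proc/swaps header line; no active swap means nothing to leak there.
    swaps = [l.split()[0] for l in swaps_text.splitlines()[1:] if l.strip()]
    report["swap"] = all(dev in crypt_devs for dev in swaps)
    return report

if __name__ == "__main__":
    for loc, ok in audit(SAMPLE_MOUNTS, SAMPLE_SWAPS, SAMPLE_CRYPT_DEVS, SAMPLE_PATHS).items():
        print(f"{loc:35} {'encrypted' if ok else 'NOT encrypted'}")
```

On a live system, pass the contents of /proc/mounts and /proc/swaps instead of the samples; paths reported as not encrypted are the ones to relocate or cover with an additional mount.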