alexander at gentoo
Sep 16, 2004, 4:16 AM
Post #3 of 12
Do you think you could make a howto guide on my wiki?:
On Sep 15, 2004, at 1:54 AM, Boyd Waters wrote:
> Pablo (and Andreas):
> An update on Mac OS X encrypted swap with my startup script, which
> uses dynamically-sized sparseimage instead of a fixed-size image...
> <StartupParameters.plist> <encryptSwap>
> It seems to work in Tiger prerelease (10.4) -- most of the time!
> Sometimes the startup will fail, and you're back to writing swapfiles
> to your hard disk (unencrypted).
> Seems to be timing-related. It's working now, so I'll try not to shut
> Two ways to tell: use "hdiutil info" or "mount" to determine if the
> sparseimage is actually mounted.
> Another thing to do: I put a "flag" file in my mount-point directory,
> an empty file named PLAINTEXT. So when I look in my swap directory, if
> I see the PLAINTEXT file, I know immediately that my startup script
> failed. (No, there is no useful information in the system log, even
> though I put some "ConsoleMessage" calls in there...)
> Under 10.3.x, using sparseimage for loopback-encrypted-swap results in
> a hard lockup. Likewise 10.4, unless the "-kernel" option is
> specified. If such option is used under 10.3.x, the hdiutil call will
> simply fail; plaintext swap results.
> I worked many hours yesterday to edit an /etc/rc script that would
> improve the reliability of my startup script. No luck. I simply do not
> know enough...
> When it comes to block-device access, Mac OS X diverges quite radically
> from xBSD or other Unix. A proper implementation would require an
> IOKit driver, I think: an encrypted-disk driver. (I was aiming for
> such a thing for whole-disk encryption, but it turns out there is no
> userspace hook for mounting nullfs...)
> It may be that you could obtain boot-time encryption by looking at the
> NetBoot stuff; NetBoot on Mac expects a disk image passed across the
> network as a mountable boot volume.
> All this, plus scripts, reported to Apple via a bug. Total feedback
> was: "marked duplicate".
> Note that today on Slashdot was a discussion of a USB thumb drive by
> Lexar that stored the password on the drive, thus rendering the
> product's AES-256 encryption useless. Apple's FileVault is almost as
> ~ boyd
> Boyd Waters
> Socorro, New Mexico
>> Thanks for the tips. I've started using Andreas' script, and it is
>> working quite well. Hopefully you can get your script working again
>> with sparse images; just as swap on Mac OS X grows dynamically, it
>> would be ideal for the container (the disk image) to grow as well.
>> Until then, I have just made a nice, large fixed-size disk image.
>> Disk space is cheap these days....
>> I'm also surprised that this issue hasn't gotten more attention - in
>> my opinion, the fact that the swap file is unencrypted renders some
>> Mac OS X security features (i.e. FileVault) nearly useless. I have run
>> my Powerbook without swap for the last year and a half, and haven't
>> encountered too many problems with it, but once in a while it would
>> fail spectacularly when I was running a particularly memory-intensive
>> application. I can encrypt swap on my Linux and OpenBSD boxes, so why
>> not Mac OS X?
>> I wonder if anyone has raised this issue with Apple? Seems like an
>> excellent feature for Tiger....
>> Pablo Salazar
>> Consulting Engineer
>> CCIE (Security) #11024
>> Advanced Services Network Security
>> Cisco Systems
> gentoo-osx [at] gentoo mailing list
gentoo-osx [at] gentoo mailing list
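
Added example, not part of the original post or of Boyd's startup script: a small shell check that combines the two tests quoted above (the `mount` listing and the PLAINTEXT flag file) into one status. The function names, the directory argument and the sample mount lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The swap directory path and the sample
# mount lines below are constructed assumptions.

# is_mounted DIR [FILE]: succeed if something is mounted exactly on DIR.
# Reads saved `mount` output from FILE when given, else runs `mount`.
is_mounted() {
    if [ -n "${2:-}" ]; then cat "$2"; else mount; fi |
        awk -v d="$1" 'index($0, " on " d " ") { found = 1 }
                       END { exit(found ? 0 : 1) }'
}

# swap_status DIR [FILE]: print encrypted | plaintext | inconsistent | unknown.
# The PLAINTEXT flag lives in the underlying directory, so a mounted image
# hides it; seeing the flag means swap is going to the plain disk.
swap_status() {
    flag=no; mounted=no
    if [ -e "$1/PLAINTEXT" ]; then flag=yes; fi
    if is_mounted "$1" "${2:-}"; then mounted=yes; fi
    case "$flag/$mounted" in
        no/yes)  echo encrypted ;;     # image mounted over the directory
        yes/no)  echo plaintext ;;     # flag visible: startup script failed
        yes/yes) echo inconsistent ;;  # mounted, yet a PLAINTEXT file shows
        *)       echo unknown ;;       # no flag, no mount: wrong directory?
    esac
}

# Constructed macOS-style `mount` output with DIR as a mount point,
# for trying the check offline.
sample_mounts() {
    printf '%s\n' "/dev/disk0s3 on / (local, journaled)" \
                  "devfs on /dev (local)" \
                  "/dev/disk2s2 on $1 (local, nodev, nosuid)"
}

# Usage: sh swapcheck.sh --check /path/to/swap/dir
if [ "${1:-}" = "--check" ]; then
    swap_status "${2:?swap directory required}"
fi
```

Run from cron or a login hook, any result other than `encrypted` is worth an alert, since the post notes the failure leaves nothing useful in the system log.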