
alexander at gentoo
Sep 16, 2004, 4:16 AM
Post #3 of 12
Do you think you could make a howto guide on my wiki?:
http://penguincluster.com/cgi-bin/wiki.pl/EncryptedSwap

On Sep 15, 2004, at 1:54 AM, Boyd Waters wrote:

> Pablo (and Andreas):
>
> An update on Mac OS X encrypted swap with my startup script, which
> uses dynamically-sized sparseimage instead of a fixed-size image...
>
> <StartupParameters.plist> <encryptSwap>
>
> It seems to work in Tiger prerelease (10.4) -- most of the time!
> Sometimes the startup will fail, and you're back to writing swapfiles
> to your hard disk (unencrypted).
>
> Seems to be timing-related. It's working now, so I'll try not to shut
> down!
>
> Two ways to tell: use "hdiutil info" or "mount" to determine if the
> sparseimage is actually mounted.
>
> Another thing to do: I put a "flag" file in my mount-point directory,
> an empty file named PLAINTEXT. So when I look in my swap directory, if
> I see the PLAINTEXT file, I know immediately that my startup script
> failed. (No, there is no useful information in the system log, even
> though I put some "ConsoleMessage" calls in there...)
>
> Under 10.3.x, using sparseimage for loopback-encrypted-swap results in
> a hard lockup. Likewise 10.4, unless the "-kernel" option is
> specified. If such option is used under 10.3.x, the hdiutil call will
> simply fail, plaintext swap results.
>
> I worked many hours yesterday to edit an /etc/rc script that would
> improve the reliability of my startup script. No luck. I simply do not
> know enough...
>
> When it comes to block-device access, Mac OS X diverges quite radically
> from xBSD or other Unix. A proper implementation would require an
> IOKit driver, I think: an encrypted-disk driver. (I was aiming for
> such a thing for whole-disk encryption, but it turns out there is no
> userspace hook for mounting nullfs...)
>
> It may be that you could obtain boot-time encryption by looking at the
> NetBoot stuff; NetBoot on Mac expects a disk image passed across the
> network as a mountable boot volume.
>
> All this, plus scripts, reported to Apple via a bug. Total feedback
> was: "marked duplicate".
>
> Note that today on Slashdot was a discussion of a USB thumb drive by
> Lexar that stored the password on the drive, thus rendering the
> product's AES-256 encryption useless. Apple's FileVault is almost as
> bone-headed.
>
> Cheers!
>
> ~ boyd
> Boyd Waters
> Socorro, New Mexico
>
>> Thanks for the tips. I've started using Andreas' script, and it is
>> working quite well. Hopefully you can get your script working again
>> with sparse images; just as swap on Mac OS X grows dynamically, it
>> would be ideal for the container (the disk image) to grow as well.
>> Until then, I have just made a nice, large fixed-size disk image.
>> Disk space is cheap these days....
>>
>> I'm also surprised that this issue hasn't gotten more attention - in
>> my opinion, the fact that the swap file is unencrypted renders some
>> Mac OS X security features (i.e. FileVault) nearly useless. I have run
>> my Powerbook without swap for the last year and a half, and haven't
>> encountered too many problems with it, but once in a while it would
>> fail spectacularly when I was running a particularly memory-intensive
>> application. I can encrypt swap on my Linux and OpenBSD boxes, so why
>> not Mac OS X?
>>
>> I wonder if anyone has raised this issue with Apple? Seems like an
>> excellent feature for Tiger....
>>
>> Regards,
>>
>> Pablo Salazar
>> Consulting Engineer
>> CCIE (Security) #11024
>> Advanced Services Network Security
>> Cisco Systems
> --
> gentoo-osx [at] gentoo mailing list

--
gentoo-osx [at] gentoo mailing list
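
The two checks described in the quoted message (`mount` output and the PLAINTEXT flag file), combined into one shell check. This is an added example, not part of the original thread or of the startup script it discusses; the function names and the `/private/var/vm` mount point are assumptions, since the message does not name the swap directory.

```shell
#!/bin/sh
# Added example (not from the post): verify that swap is landing on a mounted
# disk image, using `mount` output plus the PLAINTEXT flag file.

# Print the device mounted on directory $2, given `mount` output in $1.
mounted_device() {
    printf '%s\n' "$1" | awk -v dir="$2" '
        {
            i = index($0, " on ")            # "<device> on <dir> (<options>)"
            if (i == 0) next
            dev = substr($0, 1, i - 1)
            rest = substr($0, i + 4)
            sub(/ \([^()]*\)$/, "", rest)    # drop the trailing option list
            if (rest == dir) { print dev; exit }
        }'
}

# swap_status DIR MOUNT_OUTPUT
#   0: a device is mounted on DIR and the flag file is hidden
#   1: PLAINTEXT flag visible, so the underlying directory is exposed
#   2: nothing is mounted on DIR
swap_status() {
    ss_dir=$1
    ss_dev=$(mounted_device "$2" "$ss_dir")
    if [ -e "$ss_dir/PLAINTEXT" ]; then
        echo "PLAINTEXT: flag file visible in $ss_dir, startup script failed"
        return 1
    fi
    if [ -z "$ss_dev" ]; then
        echo "PLAINTEXT: nothing mounted on $ss_dir"
        return 2
    fi
    # A mount alone does not prove the volume is the encrypted image;
    # cross-check the device against `hdiutil info` by hand.
    echo "MOUNTED: $ss_dev on $ss_dir"
    return 0
}

# Assumed mount point: /private/var/vm (override with SWAPDIR).
if [ "${1:-}" = "--check" ]; then
    swap_status "${SWAPDIR:-/private/var/vm}" "$(mount)"
fi
```

Run with `--check` after login, or from a periodic job, so a failed startup is noticed before much swap is written in the clear.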