DragonFly kernel List (threaded) for 2007-02
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
Re: Initial filesystem design synopsis.
| From: | Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Thu, 22 Feb 2007 10:15:11 -0800 (PST) |
:>> hosts.
:> Are you proposing to encrypt data transfered between cluster nodes?
:
:That's the very least.
:
:>> Eg: What if i want to share a file with you, but i don't
:>> want anyone else on the cluster to be able to read or modify it?
:> Why this can't be handled with help of ACLs?
:
:Because I as evil kernel hacker don't have to obey the ACLs you set if I =
:already have access to the raw data.
:
:cheers
: simon
At the moment cluster communications are going to be stream based, aka
direct TCP connection or SSH or something like that.
Insofar as file data goes, the only way to create an opaque store
whos physical storage is not under your control is to encrypt the
data and use a cryptographic hash to validate it whenever you read
it (so it cannot be modified outside of your control).
-Matt
- References:
- Initial filesystem design synopsis.
- From: Matthew Dillon <dillon@apollo.backplane.com>
- Re: Initial filesystem design synopsis.
- From: Victor Balada Diaz <victor@bsdes.net>
- Re: Initial filesystem design synopsis.
- From: Sergey Glushchenko <deen@clusterfs.com>
- Re: Initial filesystem design synopsis.
- From: "Simon 'corecode' Schubert" <corecode@fs.ei.tum.de>
- Initial filesystem design synopsis.
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]