On 12/11/2007 12:37 PM, "Ed Pastore" <email@hidden> wrote:
TM does FileVault backups like it does as otherwise your TM disk
would be a nice, unencrypted, history of all your data.
I understand why it uses an encrypted image. What I don't get is why
it cannot read or write from/to that image when I am logged in. I can
access that image from the Finder... I would think TM could acquire
my privileges and access it as well.
My guess is that while they are open encrypted disk images are not in
a consistent state. Things probably go through a couple of caches, and
there are constant writes to the disk image. Since it is all one file
TimeMachine would have to try and backup the very large image each
time (so that would eat disproportionally into your space), and would
probably have trouble completing the read before something else tried
to write into the space (causing a bit of a nightmare).
I would bet that sometime in the future that TimeMachine will get
explicit support for FileVault images, and will treat them differently
than other files. My way of doing it would be to put a marker file in
the TimeMachine hierarchy, and then have a designated root folder that
would include a second (nested) TimeMachine vault for each FileVault
image. This would be encrypted with the same password as the real
FileVault (and there would have to be provisions for caching and
changing this), and the two would be opened and then the normal
TimeMachine process run on them. If your folder was already open, then
it would just save one step.
This is complicated enough that I don't fault Apple for not having it
in 1.0.
