I understand why it uses an encrypted image. What I don't get is why
it cannot read or write from/to that image when I am logged in. I can
access that image from the Finder... I would think TM could acquire
my privileges and access it as well.

Without re-encrypting that data, the only thing "protecting" it are
filesystem privileges, and those are trivial to bypass.

But it can encrypt as it writes. That's what happens when I write
anything in my FileVaulted account, right? It is on-the-fly
encryption and decryption. If it can do that for everything I do as
a logged-in user when writing to my hard drive, why can't it do it
for TM writing to an image?
I still think that this is just a glitch that Apple is going to work
out. Unless there's something fundamentally different about writing
to an image than to a physical disk that I am just not understanding.

Here's my thinking: With a non-FV account, if I log in and the TM
backup starts, and I immediately log out, it's no big deal to TM
because my home directory is still there. If I have a FV account and
I log in, my home directory is a mounted disk image, which is fine
until I log out. If a TM backup starts while I'm logged in with a FV
account, and I immediately log out, there's a potential for the backup
operation to freak out because a part of the file system might
disappear out from under me.
-----
- Peter Schwenk
- CITA-3, Systems Administrator
- Mathematical Sciences
- University of Delaware
- schwenk _at_ math _dot_ udel _dot_ edu
- http://www.math.udel.edu/~schwenk