Re: Encrypted Storage on WebDAV
- Subject: Re: Encrypted Storage on WebDAV
- From: Casey Marshall <email@hidden>
- Date: Sun, 19 Nov 2006 16:00:04 -0800
On Nov 19, 2006, at 11:35 AM, email@hidden wrote:
> Hi filesystem experts,
> I am new on this list, so please forgive me if this is the wrong
> place to ask.
> I am trying to come up with an easy-to-implement solution to
> securely store files on a WebDAV volume. Securely means the storage
> should provide confidentiality by some form of encryption. The most
> simple solution - an encrypted disk image stored on and mounted
> from the WebDAV - does not work, because WebDAV-FS will upload the
> entire disk image on any change. Now I am looking for some
> expertise on how to satisfy my use case differently. Here are the
> options I came up with so far:
> 1. Somehow fix WebDAV-FS to use partial down- and uploads. I don't
> know if this is at all possible and it sounds quite complicated.
> 2. Somehow split the disk image's backing store on the WebDAV into
> multiple small files, so that WebDAV-FS will work with and thus
> upload smaller chunks of the image. I don't really know how to do
> this.
> 3. Don't use a disk image at all, but some form of per-file
> encryption. This would involve stacking an encryption layer on top
> of WebDAV-FS. It seems to me that Apple does not encourage stacked
> file systems in VFS. However, I read something about implementing
> something similar in user level as a local NFS server. However,
> there seems to be no example code on how to do this, so I don't
> really know where to start.
I have a little experience with this. Apple's automount file system
is implemented this way, and is open source; I couldn't quite figure
out how it works, however. My own project using this model is free
software, and is hosted at http://code.google.com/p/birchfs. Also, I
hear that Apple's FTP file system runs this way, but is not open
source, AFAIK.
To get started, you can simply get a hold of the NFS protocol XDR
source (XDR is a language for writing Sun RPC protocols -- here's one:
http://darwinsource.opendarwin.org/10.4.2/Librpcsvc-13/nfs_prot.x)
and run 'rpcgen' on that file (rpcgen, and the whole Sun
RPC stack, is available on OS X). rpcgen will generate C server code
for you, and it can generate stubs of all the functions you need to
implement; writing these is fairly straightforward. Also, look at
'man rpc'.
There are some issues with running your own NFS server, though. One
is that I needed to run both my NFS server as well as a mount
protocol server, which fakes out the single virtual directory my file
system exports. I don't think you will be able to run a real NFS
server alongside your server, and you will need to start the
portmapper program (sudo launchctl start com.apple.portmap). Your NFS
server will register itself with the portmapper, and "take up" the
slot for the NFS protocol. Lastly, be aware that broken NFS servers
(even in user space) *can* cause a kernel panic in some cases.
I haven't yet figured out the magic necessary to hide all these NFS
details from the user, though, or to make the server not take up that
protocol slot and not require portmap. Presumably there is a way,
since automount and FTP don't take up any protocol slots, nor use
portmap.
Maybe someone else here can comment on how to properly "hide" a
user-space NFS server. I'm interested in how to do this, even though
my goal in the short term is to just get a demo running that
illustrates a concept.
I'd really like to see a port of the FUSE API to OS X, but it seems
like that will require a new implementation of the kernel-space half.
Even some kind of framework for writing NFS-based file systems would
be great, IMO.
Hope this helps.