14
4
I am searching for an encrypted filesystem for Linux that can be mounted in a write-only mode, by that I mean you should be able to mount it without supplying a password, yet still be able to write/append files, but neither should you be able to read the files you have written nor read the files already on the filesystem. Access to the files should only be given when the filesystem is mounted via the password. The purpose of this is to write log files or similar data that is only written, but never modified, without having the files themselves be exposed. File permissions don't help here as I want the data to be inaccessible even when the system is fully compromised.
Does such a thing exist on Linux? Or if not, what would be the best alternative to create encrypted log files?
My current workaround consists of simply piping the data through gpg --encrypt
, which works, but is very cumbersome, as you can't easily get access to the filesystem as a whole, you have to pipe each file through gpg --decrypt
manually.
3I believe you can do what you want via
syslog
. That separates the generation of the log messages from the system that stores them, so the apps that generate the message have no access to the where they're stored. The logs can even be (and frequently are) on a separate server. – mpez0 – 2010-04-21T13:10:59.533I want to go a step further and have the data not be accessible at all, not just to the process that created it, but not even to root. This is what public key encryption with gpg does, but I am searching for a way to do it at the file system level. – Grumbel – 2010-04-21T15:47:36.020