Questions about data/encryption of a Linux directory

0

I have a directory full of sensitive data and want to encrypt this directory to protect against outside attackers. I still want to be able to read from the directory and display this data on a webpage in its original form. Will data encryption tools, such as eCryptfs, allow for this? If so, how does it work exactly if the data is mounted/unmounted? Does auto-mounting come into play here?

milesmiles55

Posted 2014-06-19T13:44:30.777

Reputation: 103

Answers

2

Generally, if an encrypted filesystem/file is mounted, its contents become accessible to all users who have access to the folder (and root). I think the most feasible solution for your problem is:

  • Use LUKS to create an encrypted filesystem
  • Mount at boot time (or when you start the HTTP daemon)
  • Do not put the key to the container on the box (it's a nuisance to enter the password every time, but a commonly made mistake)
  • Change the directory permissions to 700
  • Change the ownership to the webserver user (commonly www-data)

This will prevent anyone on the system (except www-data and root) from accessing the files.


If you really want to go for maximum security, you could script something like:

  • When accessing the webpage, ask for the encrypted container password
  • Mount the encrypted container
  • Retrieve the necessary files
  • Unmount the container

Keep in mind that mounting/unmounting is a very expensive operation, so your webpage would get really slow.

mtak

Posted 2014-06-19T13:44:30.777

Reputation: 11 805
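A way to check two points from the answer above (no key stored on the box, directory mode 700 owned by the web server user), as an added example that is not part of the original answer. It assumes the container is unlocked through `/etc/crypttab` and that GNU `stat` is available; the function names, mapping names and sample crypttab lines are constructed.

```shell
#!/bin/sh
# Added example: audits the setup from the answer above. The function names,
# the mapping names and the sample crypttab lines are constructed.

# audit_crypttab FILE MAPPING
# 0: passphrase is typed in at unlock time (key field absent, "none" or "-")
# 1: a key file path is configured, so the key is stored on the box
# 2: no entry for MAPPING
audit_crypttab() {
    awk -v name="$2" '
        /^[[:space:]]*#/ || NF == 0 { next }
        $1 == name { found = 1
                     rc = (NF < 3 || $3 == "none" || $3 == "-") ? 0 : 1
                     exit }
        END { if (!found) rc = 2; exit rc }
    ' "$1"
}

# audit_dir DIR OWNER   (OWNER is a user name or a numeric uid)
# 0: DIR has mode 700 and belongs to OWNER; 1: it does not; 2: lookup failed
audit_dir() {
    case $2 in
        ''|*[!0-9]*) want=$(id -u "$2" 2>/dev/null) || return 2 ;;
        *)           want=$2 ;;
    esac
    info=$(stat -c '%a %u' "$1" 2>/dev/null) || return 2   # GNU stat
    bad=0
    [ "${info% *}" = 700 ] || { echo "$1: mode ${info% *}, expected 700"; bad=1; }
    [ "${info#* }" = "$want" ] || { echo "$1: uid ${info#* }, expected $want"; bad=1; }
    return $bad
}

# Demo on a constructed crypttab (not taken from a real host).
demo=$(mktemp)
cat > "$demo" <<'EOF'
# name      device               key file              options
webdata     /dev/vg0/webdata     none                  luks
backups     /dev/vg0/backups     /etc/keys/backups.key luks
EOF
for m in webdata backups; do
    if audit_crypttab "$demo" "$m"; then echo "$m: no key on the box"
    else echo "$m: key file configured in crypttab"; fi
done
rm -f "$demo"
```

On a real host the calls would look like `audit_crypttab /etc/crypttab <mapping>` and `audit_dir <mount point> www-data`, with the mapping name and mount point taken from your own setup.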

So what are you going to do? – mtak – 2014-06-19T14:32:35.413

Thanks so much for this. I have questions about mounting. I should preface this by saying I'm on a Red Hat machine where this sensitive data is stored. The web application is stored under Tomcat on another machine. So a request goes into Tomcat and Tomcat pings the directory on the Red Hat machine where the sensitive data is stored. The query is executed and the response is given. How would mounting work in this case? When you say 'do not put the key to the container on the box', what do you mean exactly? Where should the key be stored?

You've added some much-needed clarity. – milesmiles55 – 2014-06-19T14:45:06.710

You would have to call shell scripts from your Java app which do the actual mounting. If I say 'do not put the key on the box', I mean the password for the encrypted filesystem shouldn't be on the server (i.e. it should come from the person accessing the data). – mtak – 2014-06-20T07:33:15.257

0

You can buy a hardware token (smart card) and use the key stored on the card. That will let you encrypt and decrypt the files in batch mode without the need to store the password (when you have disabled the card user PIN verification) whenever the card is plugged in... but will also prevent anyone from just copying the key.

Sebo

Posted 2014-06-19T13:44:30.777

Reputation: 1