unofficial mirror of help-guix@gnu.org 
From: Thomas Albers <tgalbers2000@gmail.com>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: help-guix@gnu.org
Subject: Re: Typing LUKS passphrase only once and a possible solution
Date: Wed, 07 Jul 2021 20:29:37 +0200
Message-ID: <87eecagepa.fsf@gmail.com>
In-Reply-To: <87zguygggj.fsf@nckx>

Hello Tobias,

Thank you for your answer.

>
> Well, so is a field to add cryptsetup-specific command-line arguments.
>
> Abstracting this into meaningful field names like key-file is better
> from a readability point of view and allows implementation details
> like ‘we simply invoke cryptsetup’ to remain properly hidden from
> view.
>
> Because naturally, one day cryptsetup will be rewritten in Guile.
>
My idea was for this parameter to be also used for other mapping
devices. This assumes there is always an underlying program being used,
but if the final goal is to replace cryptsetup with Scheme code, then
there isn't really a point to it.

>
> I think it could still be a plain string passed straight to
> cryptsetup, with the user responsible for its existence.
>
I am not really sure if a string would be the best solution though. The
key-file is a binary one. But you are right, there doesn't seem to be
much point in hiding the key-file. If someone has a program capable of
reading the file and getting it out of your computer, then there is
nothing stopping this person from accessing all of your files regardless
of encryption.

>
> You can force access to unexported symbols using (@@ (name of module)
> symbol).  It's as recommended as it sounds.  Nor can you rewrite parts
> of compiled procedures AFAIK.
>
This will come in handy while experimenting but it sounds like something
to be avoided, as it would be too dependent on the underlying code.

Regards,
Thomas Albers Raviola



Thread overview: 6+ messages
2021-07-07 16:05 Typing LUKS passphrase only once and a possible solution Thomas Albers
2021-07-07 16:42 ` Tobias Geerinckx-Rice
2021-07-07 18:29   ` Thomas Albers [this message]
2021-07-08 17:29     ` Vagrant Cascadian
2021-07-07 18:12 ` Joshua Branson
2021-07-07 18:30   ` Wiktor Żelazny
