From: Antoine Beaupré
To: Daniel Kahn Gillmor, notmuch@notmuchmail.org
Subject: Re: [PATCH] NEWS: cleartext indexing
In-Reply-To: <87d149ulda.fsf@curie.anarc.at>
Date: Thu, 23 Nov 2017 15:44:24 -0500
Message-ID: <87zi7csp1z.fsf@curie.anarc.at>

Another thing I forgot. You mentioned dedicated LUKS partitions as an example solution. I wonder if you know about the `tomb` and `ctmg` projects which more or less implement those features as commandline tool wrappers.

Tomb is a simple shell-script wrapper around cryptsetup to easily create and manage loop-mounted LUKS partitions:

http://tomb.dyne.org/

An example use of this for notmuch would be the `pass-tomb` extension to the `pass` password manager, which uses tomb to hide password entries when not in use:

https://github.com/roddhjav/pass-tomb

CTMG is basically the same thing but written by Donenfeld instead of Jaromil:

https://git.zx2c4.com/ctmg/about/

Both require root to run.

In both cases, my primary concern would be how to manage the size of the LUKS partition just right: it shouldn't take up space needlessly, but then it needs to expand when new space is needed. As far as I know, none of those tools elegantly solve that problem, except maybe the new ext4 encryption system...

Thanks again for this precious patchset, I hope it gets rolled in soon! 0.26 will be even more amazing if it gets shipped with this.

A.

-- 
Gods don't like people not doing much work. People who aren't busy all the time might start to think.
- Terry Pratchett, Small Gods