Initial filesystem design synopsis.

Matthew Dillon dillon at
Thu Feb 22 10:30:49 PST 2007

:>> hosts.
:> Are you proposing to encrypt data transfered between cluster nodes?
:That's the very least.
:>> Eg: What if i want to share a file with you, but i don't
:>> want anyone else on the cluster to be able to read or modify it?
:> Why this can't be handled with help of ACLs?
:Because I as evil kernel hacker don't have to obey the ACLs you set if I =
:already have access to the raw data.
:  simon

    At the moment cluster communications are going to be stream based, aka
    direct TCP connection or SSH or something like that.

    Insofar as file data goes, the only way to create an opaque store 
    whos physical storage is not under your control is to encrypt the
    data and use a cryptographic hash to validate it whenever you read 
    it (so it cannot be modified outside of your control).


More information about the Kernel mailing list