Getting an EPERM error on a directory seems misleading in the situation where integrity verification fails. I'd like to have an error that leads in the right direction.
Thanks for pointing out that the performance is better than using dm-crypt -- it puts it in perspective for me.
Posted Sep 22, 2012 9:55 UTC (Sat) by Max.Hyre (subscriber, #1054)
Please tell me if I'm missing something here, but ISTM the two techniques are not replacements for each other. WRT offline access, dm-crypt is a superset of IMA/EVM.
IMA/EVM is useful if you want to know whether someone has been monkeying with your hard drive while you weren't looking, but does nothing to protect against the NSA reading your data, whereas dm-crypt ensures both no one has modified your data while the system was down, and no one has accessed it, either.
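To make the split between the two mechanisms concrete, here is an added example (not LWN's, the commenter's, or the kernel's code) modelling how an EVM-style HMAC over the IMA content hash and file metadata detects offline edits while leaving the file contents readable; the key, metadata fields and file contents are constructed, and real xattrs are replaced by a dictionary.

```python
"""Toy model of IMA/EVM-style offline tamper detection (added example).
Assumes an 'IMA hash' of file content and an 'EVM HMAC' over that hash plus
protected metadata, both stored as xattrs; the key is constructed."""
import hashlib
import hmac

EVM_KEY = b"constructed-demo-key"  # constructed; EVM keeps its key in the kernel keyring

def ima_hash(content: bytes) -> bytes:
    # security.ima: a plain hash of the file content
    return hashlib.sha256(content).digest()

def evm_hmac(ima: bytes, meta: dict) -> bytes:
    # security.evm: HMAC over the IMA hash and protected metadata, so swapping
    # the content, uid/gid/mode or the ima xattr itself is caught
    msg = ima + f"{meta['uid']}:{meta['gid']}:{meta['mode']}:{meta['ino']}".encode()
    return hmac.new(EVM_KEY, msg, hashlib.sha256).digest()

def label(content: bytes, meta: dict) -> dict:
    """Return the xattrs a labelling pass would write for this file."""
    ima = ima_hash(content)
    return {"security.ima": ima, "security.evm": evm_hmac(ima, meta)}

def appraise(content: bytes, meta: dict, xattrs: dict) -> str:
    """Return 'ok' or the reason access would be refused.  This is integrity
    only: the content is plaintext and anyone with the disk can read it."""
    expected = evm_hmac(xattrs["security.ima"], meta)
    if not hmac.compare_digest(expected, xattrs["security.evm"]):
        return "evm: hmac mismatch (metadata or ima xattr altered)"
    if not hmac.compare_digest(ima_hash(content), xattrs["security.ima"]):
        return "ima: content hash mismatch (content altered offline)"
    return "ok"

def demo() -> dict:
    meta = {"uid": 0, "gid": 0, "mode": 0o100644, "ino": 42}   # constructed
    content = b"root:x:0:0:root:/root:/bin/bash\n"              # constructed
    xattrs = label(content, meta)
    return {
        "untouched": appraise(content, meta, xattrs),
        "content_edited": appraise(content + b"# edited while powered off\n", meta, xattrs),
        "mode_changed": appraise(content, {**meta, "mode": 0o104755}, xattrs),
        # nothing above hides the data: the first field is still readable
        "readable_offline": content.decode().split(":")[0],
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```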