[fpc-other] disk "glasses"

[Mark Morgan Lloyd]

duilio foschi wrote:
>> Btw. a little information regarding TrueCrypt:
> 
> TC is secure enough for my needs.

But in that case why did you write

"In fact when the crypted disk is mounted by windows, everybody
connected to my PC can read (and possibly steal) disk data." ?

If you're having to address problems like this, possibly as part of a 
security audit (who did you say you worked for?) then I quite simply 
think that you're either using the wrong type of computer system or it's 
set up wrong.

Your issue, as you describe it, is that anybody can set up a share on 
your computer such that they can read your files. That's the problem you 
should be addressing.

It would probably be possible to do something with streams at the 
application level where each stream locked the underlying file and then 
allowed full read-write access. But at that point you'd have to weed out 
all cases where multiple streams were looking at the same file, and if 
you really did want multiple apps to have unrestricted decrypt/modify 
rights then you'd effectively have to write your own operating system to 
do it.

-- 
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk

[Opinions above are the author's, not those of his employers or colleagues]