You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ideally we would want to be able to change secrets (that is write more secrets to a secret repo, remove secrets from a secret repo, or even change the size of a secret file) randomly without doing linear operations like re-encryption and re-serialisation of archive formats. This may even help secret sharing to be more efficient in the future.
These 2 projects use FUSE to mediate between a filesystem in userspace and encrypted backend on disk somewhere. FUSE is interesting because we can offer a standard FS interface to consumers of Polykey secrets. But to be really secure you would have to either use mount namespaces or file descriptors as capabilities to allow specific processes to access secrets.
Ideally we would want to be able to change secrets (that is write more secrets to a secret repo, remove secrets from a secret repo, or even change the size of a secret file) randomly without doing linear operations like re-encryption and re-serialisation of archive formats. This may even help secret sharing to be more efficient in the future.
The text was updated successfully, but these errors were encountered: