Filesystems HOWTO: Appendix

Next Previous Contents

11.1 Network filesystems

This HOWTO is not about Network filesystems, but I should mention them.

There is a brief list of some which I know:

AFS - Andrew Filesystem

The AFS FAQ is at http://www.angelfire.com/hi/plutonic/afs-faq.html.
Commercial clients and servers for almost all platforms (except win98) are available from IBM. See http://www.transarc.com/Product/EFS/AFS/index.html
A free client for Unix is available from the Arla Team at http://www.stacken.kth.se/projekt/arla/.
A free Server is also in preparation, but not in production yet.

CODA

NFS - Network filesystem (Unix)

NCP - NetWare Core Protocol (Novell NetWare)

SMB - Session Message Block (Windows 3.x/9x/NT)

This protocol is used in Windows world.

11.2 Encrypted filesystems

CFS

Homepage: ?
Download: ?
Author: Matt Blaze < mab@research.att.com>.
License: ?
Access: Read/Write, using DES/3DES.

CFS pushes encryption services into the Unix(tm) file system. It supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS employs a novel combination of DES stream and codebook cipher modes to provide high security with good performance on a modern workstation. CFS can use any available file system for its underlying storage without modification, including remote file servers such as NFS. System management functions, such as file backup, work in a normal manner and without knowledge of the key.

TCFS

Homepage: http://tcfs.dia.unisa.it/
Download: ftp://tcfs.dia.unisa.it/pub/tcfs/
Authors: Luigi Catuogno < luicat@tcfs.dia.unisa.it>, Aniello Del Sorbo < anidel@tcfs.dia.unisa.it>, Luigi Della Monica < dellui@tcfs.dia.unisa.it>, G.Cattaneo < cattaneo@dia.unisa.it>, G.Persiano ( http://www.dia.unisa.it/~giuper/), Ermelindo (Erry) Mauriello < errmau@tcfs.dia.unisa.it>, Angelo Celentano < angcel@tcfs.dia.unisa.it>, Andrea Cozzolino < andcoz@tcfs.dia.unisa.it>.
License: GPL
Access: Read/Write transparently using CBC-DES/3DES/RC5/IDEA/Others..

The main difference between TCFS and CFS is the trasparency to user obtained by using TCFS. As a matter of fact, CFS works in user space while TCFS works in the kernel space thus resulting in improved performances and security. The dynamic encryption module feature of TCFS allows a user to specify the encryption engine of his/her choiche to be used by TCFS. Currently available only for Linux, TCFS will be relased soon also for NetBSD, and will support in a near future also other FS then NFS.

SFS

( TODO: http://www.cs.auckland.ac.nz/~pgut001/sfs/index.html )

VS3FS: Steganographic File System for Linux

Homepage: http://www.linux-security.org/sfs/
License: ?
Access: ?

fspatch is a kernel patch which introduces module support for the steganographic file system (formerly known as vs3fs, an experimental type of filesytem that not only encrypts all information on the disk, but also tries to hide that information in such a way that it cannot be proven to even exist on the disk. This enables you to keep sensitive information on a disk, while not be prone to being forced to reveal that information. Even under extreme circumstances, fake documents could be stored on other parts of the disk, for which a pasword may be revealed. It should not be possible to find out whether any other information is stored on the disk.

11.3 Writing your own filesystem driver

DOS

I haven't seen yet any good page about writing DOS filesystem drivers (Network redirectors) on the net. The best source is Ralf Brown's interrupt list and iHPFS source code.

OS/2

ftp://ftp.leo.org/pub/comp/os/os2/leo/devtools/doc/ifsinf.zip
ftp://hobbes.nmsu.edu/pub/os2/system/drivers/filesys/32drv170.zip - 32 bits OS/2 device driver and IFS support. Provides 32 bits kernel services (DevHelp) and utility functions to 32 bits OS/2 ring 0 code (device drivers and installable file system drivers).

Windows NT

For more information about writing FS drivers for Windows NT see http://www.ing.umu.se/~bosse/ by < bosse@acc.umu.se>.

11.4 Related documents

http://www.honeycomb.net/os/holistic/connect/filesys.htm - good page about filesystems
http://home.att.net/~artnaseef/ - Linux overlay filesystem by < artnaseef@worldnet.att.net>.
http://www.braysystems.com/linux/trustees.html - Linux trustees
http://tcfs.dia.unisa.it - Transparent Cryptography Filesystem
http://www.sas.com/standards/large.file - Large file summit - attacks the problem of 2gig+ of file in a 32bit computer
http://www.coda.cs.cmu.edu/ - The CODA project (a distributed file system based on AFS)
ftp://ftp.scis.org/pub/lfs/ - LFS related papers
http://www.redhat.com:8080/HyperNews/get/khg.html - Linux Kernel Hacker's guide
http://www.win.tue.nl/~aeb/linux/largedisk.html - Large disk HOWTO
http://www.atnf.csiro.au/~rgooch/linux/kernel-patches.html - The Linux devfs
http://gfs.lcse.umn.edu/ - The Global File System (GFS)
ftp://hobbes.nmsu.edu/pub/os2/system/drivers/filesys/tvfs211.zip - The Toronto Virtual Filesystem/2.
ftp://hobbes.nmsu.edu/pub/os2/system/drivers/filesys/ramfs64.zip Dynamic RAM drive IFS driver for OS/2
http://doc.sco.com/ - UnixWare and SCO Unix documentation online
http://uw7doc.sco.com/ - UnixWare 7 documentation online
http://publib.boulder.ibm.com/cgi-bin/bookmgr/BOOKS/SG244428/CCONTENTS - Inside OS/2 LAN Server 4.0
ftp://tsx-11.mit.edu/pub/linux/ALPHA/userfs/ - Linux UserFS, it allows you to write a Linux process which implements a filesystem.
http://www.nyx.net/~sgjoen/disk.html - Stein Gjoen's Multi Disk System Tuning HOWTO.
http://linuxtoday.com/stories/5556.html - Linux Today: Kragen's Amazing List of Filesystems.
http://www.koehntopp.de/kris/artikel/dateisysteme/ - Kristian Kohntopp's Unix Filesystems (in German).