Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.3: Avoid FileVault use on shared access accounts System
After doing some exploration of the way that FileVault is implemented in Panther, I have found that as it currently stands, it is fundamentally incompatible with account-level file sharing. Although a previous hint shows how to re-enable file sharing for an account which is logged in (while also making the files world-readable, somewhat defeating the point to FileVault to begin with), as of OS X 10.3.0, as soon as an account logs out, its FileVault area is unmounted, meaning that the files are now inaccessible. Additionally, the way FileVault is implemented means you cannot remotely log in (via ssh) to a FileVault account which isn't currently logged in on the console.

So, exercise caution before enabling FileVault on an account on a file server, because it might secure your files much more tightly than you expect. Hopefully these issues will be addressed in a future version of Panther.

    •    
  • Currently 2.00 / 5
  You rated: 5 / 5 (7 votes cast)
 
[6,914 views]  

10.3: Avoid FileVault use on shared access accounts | 1 comments | Create New Account
Click here to return to the '10.3: Avoid FileVault use on shared access accounts' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: Avoid FileVault use on shared access accounts
Authored by: brianboonstra on Nov 18, '03 11:00:49AM
Shouldn't there be a workaround for the ssh problem? I'm thinking one could just mount the homedir disk image from the command line using hdiutil.

[ Reply to This | # ]