I hope someone can help me here. I heard the following from another user (on a Linux forum):
They claim that when they set up ZFS encryption on a volume with a passphrase, and then enter then passphrase, that the data gets decrypted for all users (including root), and not only the user providing the passphrase.
If this is true, I don't understand the value of encryption at all, since it would then be possible for root to "eavesdrop" on the encrypted volumes of users.
Can anyone confirm or deny that the above claim is true? I would have thought that en encrypted volume was only decrypted during filesystem operation, and only for the user who entered the passphrase.
They claim that when they set up ZFS encryption on a volume with a passphrase, and then enter then passphrase, that the data gets decrypted for all users (including root), and not only the user providing the passphrase.
If this is true, I don't understand the value of encryption at all, since it would then be possible for root to "eavesdrop" on the encrypted volumes of users.
Can anyone confirm or deny that the above claim is true? I would have thought that en encrypted volume was only decrypted during filesystem operation, and only for the user who entered the passphrase.