summaryrefslogtreecommitdiffstats
path: root/sbin/geom
diff options
context:
space:
mode:
authorpjd <pjd@FreeBSD.org>2007-03-05 12:39:49 +0000
committerpjd <pjd@FreeBSD.org>2007-03-05 12:39:49 +0000
commit9c67960d12613ef9ec0631c06d10b562739a0261 (patch)
treeaefa1c8a39eaf86c9f77e98bf7f45472c12c1141 /sbin/geom
parent2de8c2110731d440f878077ada5e5ee94dfe49ad (diff)
downloadFreeBSD-src-9c67960d12613ef9ec0631c06d10b562739a0261.zip
FreeBSD-src-9c67960d12613ef9ec0631c06d10b562739a0261.tar.gz
Fix incorrect comment. Geli will protect against data modification, of
course! It won't protect against reply attacks - try harder to explain them correctly. MFC after: 1 week
Diffstat (limited to 'sbin/geom')
-rw-r--r--sbin/geom/class/eli/geli.811
1 files changed, 6 insertions, 5 deletions
diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8
index d86f527..3f1da72 100644
--- a/sbin/geom/class/eli/geli.8
+++ b/sbin/geom/class/eli/geli.8
@@ -630,12 +630,13 @@ The offset and size of the corrupted data will be printed on the console.
It is important to know against which attacks
.Nm
provides protection for your data.
-If data is modified or copied from one place on the disk
-to another,
+If data is modified in-place or copied from one place on the disk
+to another even without modification,
.Nm
-should be able to detect such a modification.
-If an attacker can remember the encrypted data, modify them and write them
-back to the same place, the modification will not be detected.
+should be able to detect such a change.
+If an attacker can remember the encrypted data, he can overwrite any future
+changes with the data he owns without notice.
+In other words
.Nm
will not protect your data against replay attacks.
.Sh SEE ALSO
OpenPOWER on IntegriCloud