Sunday, June 01, 2008

FileVault test


I got a new computer at work, finally*. Now I have to transfer my account on the current machine to the new machine.

However, the account on the current machine is encrypted with FileVault, and is fairly large. (Possibly larger than the remaining free space on the machine, but I’m not sure about that.)

The question is whether deleting a FileVaulted account results in an encrypted disk image of the user’s home folder. I decided to test this at home. (I’m a professional, I can do this.)

I created a new account on the home machine and FileVaulted it. It turned out that I had not set a master password for the machine, and creating an FV account requires that. Who knew…

I created the account and added a few things into Documents, iTunes library, and iPhoto library. I then attempted to turn on FV for the account, but the machine warned me that I couldn’t do this with other accounts open. I switched to my main working account and logged out, then back to the test account and turned on FV. It started the process by effectively logging me out, then encrypting the account by (presumably) creating a new encrypted sparse image and copying the test user data into that. It then securely deleted the test user account’s files, and dumped me back into the login screen.

I logged in and checked it (all okay) and logged out. Went back into my main user account and deleted the test account through the Accounts preference pane. This took about 90 seconds, which wasn’t a problem.

Unencrypted, the data volume for the test account’s ~/ was about 142MB. Encrypted, the data volume for the test user’s encrypted sparse image was almost 190MB. Apparently there is some overhead.

Next test is to create another test account and then move the orphaned files from the first test into the second test, and see if they properly inherit permissions. Given how the encrypted home was deleted into an unencrypted sparse image I anticipate no problems.

Follow up: I was wrong. There is a problem.



I attempted to open the FileVault Test sparse image with Disk Utility but it failed, both in /Users/Deleted Users and when I moved it to my own Desktop.

So I’ll have to look to the user forums and the books in hope for a solution.
