-
|
There are currently some questions about the type of protected file , and my configuration is as follows: {path="/res_enc", uri="file:/home/res_enc/", type="encrypted", keyname="_sgx_mrsigner"}, When I run the enclave application, the result file res1. bin will be generated in the /home/res_enc/data1/ directory. If I manually move res1. bin to the /home/res_enc/data2 path and fail to open the file, "error: Permission denied", is there a relationship between opening the ciphertext file and its path? Can you solve it by modifying something? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Yes, there is a relationship between the encrypted file and its path. See https://www.tatetian.io/2017/01/15/understanding-sgx-protected-file-system/. This is done for security reasons.
Why do you need to move the file exactly? What you can do is to emulate file move via creating a new file (under |
Beta Was this translation helpful? Give feedback.
-
|
Because there is currently a scenario where training, deployment, and prediction are carried out separately. The deployment phase will transfer the trained model files to the predicted route. Based on your answer, we are ready to use Gramine to copy files without using the system's mv Thanks |
Beta Was this translation helpful? Give feedback.
Yes, there is a relationship between the encrypted file and its path. See https://www.tatetian.io/2017/01/15/understanding-sgx-protected-file-system/. This is done for security reasons.
Why do you need to move the file exactly?
What you can do is to emulate file move via creating a new file (under
/home/res_enc/data2/) and copying the contents of your original file (under/home/res_enc/data1/) into this new file. Then Gramine does the correct re-encryption.