Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

CipherTrust Intelligent Protection

File Operations with CIP

search

Please Note:

File Operations with CIP

The following tables describe expected behaviors when moving files. The behavior is different between Linux and Windows.

Move Operation

SourceDestinationResultPQS
GP1(Key1)GP1(Key1)Rename is performed and the file remains encrypted.Entity information is updated accordingly.
GP1(Key1)GP2(Key1)Rename is performed and the file remains encrypted.Entity information is updated accordingly.
GP1(Key1)GP2(Key2)Copy & Delete performed. The destination file is decrypted. It will be encrypted with the next DDC scan.The entity at the source is updated for deletion. A new entity is created for the destination.
GP1(Key1) - GDPRGP2(Key1) - PCICopy & Delete performed. The destination file is decrypted. It will be encrypted with the next DDC scan.The entity at the source is updated for deletion. A new entity is created for the destination.

The following error displays for PQS Events for the copy & delete scenario, but it does not impact functionality:
[VMD] [ERROR] [3452] [DGV6002E] Data governance exception with error [gp E:\\GP\\w98_28sta03key2 not found] in [dgv::vm::pqs::vm_pqs_file_entity_manager::persist_file_access_event] at line [799]

Move Operation

SourceDestinationResultPQS
GP1(Key1)GP1(Key1)Rename is performed and the file remains encrypted.Entity information is updated accordingly.
GP1(Key1)GP2(Key1)Copy & Delete is performed. Linux does not support file rename from key to clear_key. The following error displays: mv: setting attribute ‘user.::secfs:xattr:’ for ‘user.::secfs:xattr:’: Invalid argumentNo update in DB
GP1(Key1)GP2(Key2)Copy & Delete is performed. Linux does not support file rename from key to clear_key. The following error displays: mv: setting attribute ‘user.::secfs:xattr:’ for ‘user.::secfs:xattr:’: Invalid argumentNo update in DB
GP1(Key1) - GDPRGP2(Key1) - PCICopy & Delete is performed. Linux does not support file rename from key to clear_key. The following error displays: mv: setting attribute ‘user.::secfs:xattr:’ for ‘user.::secfs:xattr:’: Invalid argumentNo update in DB

Edit Operation

If files encrypted with CTE 7.2.0 are modified in VI editor, they become plaintext on the local storage and NFS server. The non-key users can see the encrypted files in plaintext.

Workaround: Disable the creation of default temporary files (swap files) in the VI editor using the following settings in ~/.vimrc:

  • set nobackup: Prevents creation of backup files.

  • set nowritebackup: Prevents creation of backup files while editing files.

  • set noswapfile: Prevents creation of swap files.

Truncate Operation

CIP supports the truncate operation during and after remediation of the files.

• Truncate operation is allowed on plain or encrypted file.
• File remains in the same state (plain or encrypted) after the truncate operation.
• File access should work as per the CTE policy.