Do files copied to an encrypted disk image (dmg) encrypt themselves?
Disclaimer: I'm not sure whether or not this belongs in Ask Different or security.stackexchange.com
, but I'm using a .dmg
and Disk Utility, so I'll put it here. End of disclaimer.
The title says most of it. I created an encrypted .dmg
in Disk Utility and I'm wondering: if I copy a file to it, is the file automatically encrypted and locked under the .dmg
?
It depends on your viewpoint: a file written to an encrypted disk image is immediately written encrypted to the HDD/SSD where the disk image resides.
Since the file system of the unlocked disk image is still mounted, the file appears as "unencrypted".
So a user, who can access the raw HDD/SSD only, can't read/decode the file content, but a user with the proper permissions/rights to access the whole file system (including the mounted/unlocked disk image) still can read the file.
You can test this yourself: Create an encrypted, normal writeable image.dmg as user1 in the root of your file system with 777 permissions and owner user1:staff. Now mount the image as user1 and add a file with some known content (e.g. a text file containing "stackexchange"). The file system of the encrypted disk is mounted to /Volumes with 700 permissions (only user1 can read/write).
Switch to user2 with the image file being still mounted and open/read the file image.dmg with a hex editor - though you probably see the mounted image on your desktop, you can't access it due to missing permissions. Searching for "stackexchange" will reveal nothing.