I am experimenting eCryptfs. It is quite good. I have encrypted one directory which is having some confidential data. I can view/edit this data by mounting it via ecrypts tools. While mounting it does ask me password. So I write a short script which will be non-interactive. All is good so far.
Now I am afraid that if someone reads this script then he might see that confidential data. So thinking if I write a short and simple kernel module, which will mount this directory for me OR this module will create a script upon insertion, which I can execute while boot up from initramfs itself and delete this script immediately once it's work done.
I am not sure that is this possible at all! If possible then is it ethical to do so? If possible then it will be really helpful if someone guides me in proper direction.
Underlying OS is Ubuntu-22.04 and I am using custom kernel i.e. 5.15.85
