Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap?
From: Kris Kennaway (krisFreeBSD.org)
Date: Mon Jul 24 2000 - 18:12:17 CDT

On Mon, 24 Jul 2000, Mike Silbersack wrote:

> Encrypting at that low of a level wouldn't be very useful in the long
> run. For an encrypted filesystem to be truly useful, each user's files
> are encrypted with their own key. A partition-wide encryption doesn't
> protect anything if you get root hacked on your box.

Except this breaks the Unix filesystem semantic that you can read other
people's files (if they have to provide their key manually and it is not
pre-available), which is probably necessary for system operation. Unless
all of the keys were available in the kernel without user intervention and
stored persistently (perhaps encrypted by a master key), which sort of
defeats the purpose unless you have somewhere "better" to store the key
table than on disk.


In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythealum.mit.edu>
