[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Martin Konold <martin.konold () erfrakon ! de>
Date:       2003-09-04 8:56:04
[Download RAW message or body]

Am Thursday 04 September 2003 10:36 am schrieb Daniel Stone:

Hi,

> > In general adding extra "security" features which dont really work only
> > provides people with a missleading impression about their security
> > status.

> I'm afraid I have to disagree with you here. I leave my screen unlocked at
> home and generally at work, but mainly because everyone in the office has
> sudo access to all the machines anyway, and at home, there are a couple of
> people with the root password.

> That does not, however, mean that I want everyone to be able to use my
> GnuPG key

Your goal is impossible to be reached!

Everyone having root access to your machine is easily capable to steal your 
passwords/idendentity without you even noticing. The Unix/Linux security 
model simply provides _no_ means to be save from a malicious root.

Regards,
-- martin

Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold@erfrakon.de

[prev in list] [next in list] [prev in thread] [next in thread]