[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Stephan Kulow <coolo () kde ! org>
Date:       2003-09-04 9:08:52
[Download RAW message or body]

On Thursday 04 September 2003 10:56, Martin Konold wrote:

> > That does not, however, mean that I want everyone to be able to use my
> > GnuPG key
> 
> Your goal is impossible to be reached!
> 
> Everyone having root access to your machine is easily capable to steal your 
> passwords/idendentity without you even noticing. The Unix/Linux security 
> model simply provides _no_ means to be save from a malicious root.

Well, sure. It's all about the right limits. There is a difference between 
a) installing trojan horses and steal your passphrase 
and
b) click in kmail/kgpg

Security is always about limits - so just because any limit can be worked
around, we don't have to lower our limits.

Greetings, Stephan

-- 
There may be no I in TEAM, but a M and an E.
[prev in list] [next in list] [prev in thread] [next in thread]