From kde-core-devel  Thu Sep 04 09:43:12 2003
From: Martin Konold <martin.konold () erfrakon ! de>
Date: Thu, 04 Sep 2003 09:43:12 +0000
To: kde-core-devel
Subject: Re: KWallet integration
X-MARC-Message: https://marc.info/?l=kde-core-devel&m=106266908104728

Am Thursday 04 September 2003 11:08 am schrieb Daniel Stone:

Hi,

> > Everyone having root access to your machine is easily capable to steal
> > your passwords/idendentity without you even noticing.

> Aside from the fact that I only keep my GnuPG key on a few trusted
> machines, and could use SELinux and ACLs if I wanted to

FYR: Neither SELinux nor ACLs prevent abuse from a malicious root user.

> the same. My GnuPG key is password-protected with a strong password,

Does also not help if you dont trust the root user.

> The issue at hand was slightly more generic, I was just making an example.
> Encryption can defeat root.

Sorry, this is incorrect.

Regards,
-- martin

Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold@erfrakon.de