[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KWallet integration
From:       Martin Konold <martin.konold () erfrakon ! de>
Date:       2003-09-04 9:43:12
[Download RAW message or body]

Am Thursday 04 September 2003 11:08 am schrieb Daniel Stone:

Hi,

> > Everyone having root access to your machine is easily capable to steal
> > your passwords/idendentity without you even noticing.

> Aside from the fact that I only keep my GnuPG key on a few trusted
> machines, and could use SELinux and ACLs if I wanted to

FYR: Neither SELinux nor ACLs prevent abuse from a malicious root user.

> the same. My GnuPG key is password-protected with a strong password,

Does also not help if you dont trust the root user.

> The issue at hand was slightly more generic, I was just making an example.
> Encryption can defeat root.

Sorry, this is incorrect.

Regards,
-- martin

Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold@erfrakon.de

[prev in list] [next in list] [prev in thread] [next in thread]