Re: Writing to /etc/ from a "privileged" UI
Henrique de Moraes Holschuh <firstname.lastname@example.org> writes:
> On Wed, 11 May 2011, Dominic Hargreaves wrote:
>> This is not necessarily the case if a per-user encrypted filestore,
>> such as ecryptfs, is in use (where a user may be unlocking access to
>> their home directory at the same time as logging in, via a pam hook).
> I suppose you do have done the non-trivial steps required to secure the
> box against a rogue kernel install by the 'untrusted' person?
> This is only one possible attack vector. There are others. There are
> defenses, but they go way beyond 'a per-user encrypted filesystem'.
While this is all of course correct from a theoretical security
standpoint, and these are all things one needs to care about if hardening
a system against arbitrary attackers, a lot of real-life security isn't
like that. There's often a good bit of merit in making reading private
data reasonably difficult but not bothering making it impossible when the
attacks one is worried about are casual snooping or accidental
eavesdropping as opposed to concerted effort.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>