Re: Writing to /etc/ from a "privileged" UI



On Wed, May 11, 2011 at 10:15:48PM +0100, Dominic Hargreaves wrote:
> On Wed, May 11, 2011 at 10:54:16PM +0200, Adam Borowski wrote:
> > On Wed, May 11, 2011 at 10:05:40PM +0200, Frank Küster wrote:
> > > Not at the same time, but someone might allow a user of a laptop to
> > > access their WLAN, but neither accept that another user of the laptop
> > > should be able to use the same network without asking, nor that the keys
> > > be written in a system-wide configuration file.
> > 
> > Sorry but if you alternate physical possession of a laptop with someone whom
> > you suspect of being hostile, no files are secure as long as they're stored
> > on that laptop.
> 
> This is not necessarily the case if a per-user encrypted filestore,
> such as ecryptfs, is in use (where a user may be unlocking access to
> their home directory at the same time as logging in, via a pam hook).

Ecryptfs is good at protecting user data in case of stolen hardware, but
in case of alternate physical possession, it is not much of a protection.
All it requires is to set up one daemon running as root to copy your
data with different permissions automatically after you log in to your
account and hand it back to you.  Not even a kernel trick is needed for
this, and it is very simple.

But if you are protecting your kids from accessing an uncontrolled network,
a simple solution such as making some configuration file unreadable
by other normal users may be sufficient.  Adding some logging of your
kids' account activity may be another good practice.

Osamu
