Re: Writing to /etc/ from a "privileged" UI

To: debian-devel@lists.debian.org
Subject: Re: Writing to /etc/ from a "privileged" UI
From: Dominic Hargreaves <dom@earth.li>
Date: Wed, 11 May 2011 22:15:48 +0100
Message-id: <[🔎] 20110511211547.GW4371@urchin.earth.li>
In-reply-to: <[🔎] 20110511205416.GA1073@angband.pl>
References: <4DC771AC.703010@scrawlstudios.com> <1304918280.f23BC38D1406.20467@mail.ua> <[🔎] 20110509093907.01a24e16@local> <[🔎] 20110509091253.GA7470@angband.pl> <[🔎] 20110509112003.3254a13b@local> <[🔎] 20110509134541.GB633@cleo.wdw> <[🔎] 20110509165939.598ef038@local> <[🔎] 20110509152600.GB10566@ca.home.jhr-online.de> <[🔎] 87ei456m0b.fsf@alhambra.kuesterei.ch> <[🔎] 20110511205416.GA1073@angband.pl>

On Wed, May 11, 2011 at 10:54:16PM +0200, Adam Borowski wrote:
> On Wed, May 11, 2011 at 10:05:40PM +0200, Frank Küster wrote:
> > Not at the same time, but someone might allow a user of a laptop to
> > access their WLAN, but neither accept that an other user of the laptop
> > should be able to use the same network without asking, nor that the keys
> > be written in a system-wide configuration file.
> 
> Sorry but if you alternate physical possession of a laptop with someone whom
> you suspect of being hostile, no files are secure as long as they're stored
> on that laptop.

This is not necessarily the case if a per-user encrypted filestore,
such as ecryptfs, is in use (where a user may be unlocking access to
their home directory at the same time as logging in, via a pam hook).

Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Reply to:

Follow-Ups:
- Re: Writing to /etc/ from a "privileged" UI
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Marvin Renich <mrvn@renich.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: David Paleino <dapal@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Jan Hauke Rahm <jhr@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Frank Küster <frank@debian.org>
- Re: Writing to /etc/ from a "privileged" UI
  - From: Adam Borowski <kilobyte@angband.pl>

Prev by Date: Re: Writing to /etc/ from a "privileged" UI
Next by Date: Re: Writing to /etc/ from a "privileged" UI
Previous by thread: Re: Writing to /etc/ from a "privileged" UI
Next by thread: Re: Writing to /etc/ from a "privileged" UI
Index(es):
- Date
- Thread