Re: Root is God? (was: Mutt & tmp files)

To: <@murphy.debian.org <debian-security@lists.debian.org>>
Subject: Re: Root is God? (was: Mutt & tmp files)
From: "James Hamilton" <JAMESH@davistl.com>
Date: Fri, 16 Nov 2001 09:55:20 -0800
Message-id: <[🔎] sbf4e2ad.050@evrtwa1-ar4-158-133.biz.dsl.gtei.net>

This thread is getting old.  If you don't want root to read your email, 
use an editor that can be set to not store temp files, use ASCII armor, 
and encrypt everything before you send it.  Root could still access 
memory while you are composing the messages, so maybe you 
should compose them on another system (like your own, for instance).
Of course, you could use that same system on which you have root 
to send the files.  The easiest solution, then, is, if you want privacy,
don't do things in plaintext on a box someone else admins.  Cake.  
Find yourself a computer for $300 and save money from your 
paper-route to buy it or something.  

The other solution is a little harder.  Linux wasn't ever meant to be a 
capability based system in which the users have rights to privacy.  
The users simply have to trust root to respect their privacy  (and, as 
this discussion has pointed out so pedantically, there are things the 
users can try to do to maximize their privacy, if they so choose).  The 
real solution is to write a capability-based OS (or throw in your lot with 
Eros) and set it up with users' privacy from root in mind.  People will 
say "Well, that's what LIDS does for Linux.", but since Linux wasn't
architected with this in mind, I suspect there will always be holes that
root can find to get past this.

Reply to:

Prev by Date: Re: Root is God? (was: Mutt & tmp files)
Next by Date: default PAM settings
Previous by thread: Re: Mutt & tmp files -- Root is not my Enemy
Next by thread: Re: Root is God? (was: Mutt & tmp files)
Index(es):
- Date
- Thread