Re: Mutt & tmp files

[Craig Dickson <crdic@yahoo.com>]

Florian Bantner wrote:

> > Hmm, have you considered ramdisks?
> 
> That's the idea I was looking for. Heard also today of the
> possibility to encrypt whole filessystems. In the moment I'm
> thinking about that. A combination was nice. When I'm right this
> would make it even for root hard to do something. Not impossible but
> hard. That's really not bad at all.

It depends what kind of skills you expect root to have. Remember that
root is in a position to modify the kernel if he wants to. I can easily
imagine a kernel patch that watches the ramdisk (or any fs) for certain
types of files (by name, ownership, or whatever), and makes extra copies
of them under /root without the user's knowledge. It probably wouldn't
even be a hard change to make. And of course, for the ramdisk to exist
in the first place, you need root's cooperation, so he probably knows
why you want it and what you're using it for.

Even without a kernel patch, he can always just modify mutt, vim, or gpg
to do what he needs. Or just replace vim with a shell script that calls
the real vim and then copies the file for him afterwards (the easiest
method, though also the most obvious).

You can make it so that root has to do more than look in /tmp for
cleartext files, but I doubt you can make it hard if root is a competent
programmer.

Craig