Re: Keeping files away from users

To: debian-security@lists.debian.org
Subject: Re: Keeping files away from users
From: Thomas Ritter <th.ritter@gmx.net>
Date: Thu, 5 Jun 2003 12:50:38 +0200
Message-id: <[🔎] 200306051250.39065.th.ritter@gmx.net>
In-reply-to: <[🔎] 200306050930.51198.lgomez@infoemergencias.com>
References: <[🔎] 200306050930.51198.lgomez@infoemergencias.com>

Am Donnerstag, 5. Juni 2003 09:30 schrieb Luis Gomez - InfoEmergencias:
> We'd like to protect that content, so that even if someone unplugs the
> machine and connects the HD to another Linux box, they can't access that
> information. Of course it's difficult to do, but we think there might be a
> possibility to achieve success.

Mh, this sounds like "security through obscirity" to me... And the next thing 
is, you want to make files readable by the system, not by humans. When you 
provide a password for an encrypted device at boot time, the password will 
end up on a piece of paper pinned to the monitor. Servers have to be booted 
when they go down, not when the one sysadmin who knows the PW comes back...

Don't make too much fuss about encrypting. If your machine has one little 
security hole, the attacker will get all data unencrypted. That's not worth 
the effort!

-- 
Thomas Ritter

"Those who would give up essential liberty, to purchase a little temporary 
safety, deserve neither liberty nor safety."  - Benjamin Franklin

Reply to:

References:
- Keeping files away from users
  - From: Luis Gomez - InfoEmergencias <lgomez@infoemergencias.com>

Prev by Date: Re: Keeping files away from users
Next by Date: urgent request please
Previous by thread: Re: Keeping files away from users
Next by thread: Re: Keeping files away from users
Index(es):
- Date
- Thread