Re: Root SSH permitted by default (was: how does root run a graphical prog)
On Tue, 21 May 2002 20:50:57 +0100
"Colin Watson" <cjwatson@debian.org> wrote:
> Somebody who's allowed to run processes as you can, e.g., hijack your X
> display and install a keystroke logger.
Correct. However, this is still an extra step for the would-be cracker.
Security is all about layering defenses (the stronger the better).
Eliminating any layer willy-nilly is not a good idea. Given enough time
and computing power someone could crack a private key from a public key.
Doesn't mean that you should just toss out keyed encryption.
--
Jamin W. Collins
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: