Re: How could I install ecryptfs-utils on Buster

To: debian-user@lists.debian.org
Subject: Re: How could I install ecryptfs-utils on Buster
From: Celejar <celejar@gmail.com>
Date: Mon, 15 Apr 2019 19:56:35 -0400
Message-id: <[🔎] 20190415195635.e2370bbbac2446ce87266a6e@gmail.com>
In-reply-to: <[🔎] 0db4917c-6907-8925-46b2-6c2e908cac3e@holgerdanske.com>
References: <[🔎] CAFjJ7=PVn966LZO_bpE5626erMHVsCCSVUX86=jEpmureFhAsQ@mail.gmail.com> <[🔎] a54d69b7-d655-ea0b-63f9-e35245c920bb@holgerdanske.com> <[🔎] CAFjJ7=NegZYJeZ664rV0J1DoQ=ZemGFwCPhisThnZ2vGanLTUg@mail.gmail.com> <[🔎] 0a6d842e-3338-b444-7106-75a8e1dd2cc4@holgerdanske.com> <[🔎] CAFjJ7=MR=_Wgnm=E7+=jen7+yRe_=WGqr5UpPN+6j4kBJH5Gbg@mail.gmail.com> <[🔎] 0db4917c-6907-8925-46b2-6c2e908cac3e@holgerdanske.com>

On Thu, 11 Apr 2019 20:56:04 -0700
David Christensen <dpchrist@holgerdanske.com> wrote:

...

> If I remember encfs correctly, encfs is designed to provide exclusive 
> access to the user who mounts an encrypted folder -- no other user, 
> including root, can see the plaintext.

My understanding is that while this is technically correct, it must be
understood that any protection against a malicious root user is
nevertheless mostly illusory, since root can simply do 'su
username' (not to mention run a password sniffer, or directly examine
kernel data structures, bypassing the filesystem):

https://unix.stackexchange.com/questions/94170/use-encfs-to-encrypt-files-so-that-a-particular-user-or-process-can-access-them
https://unix.stackexchange.com/questions/47018/encfs-with-expect-access-denied
https://www.linuxquestions.org/questions/linux-security-4/can-i-protect-against-root-592947/
https://askubuntu.com/questions/316197/password-protect-files-folders-using-cli

Celejar

Reply to:

References:
- How could I install ecryptfs-utils on Buster
  - From: Pierre Fourès <pierre.foures@gmail.com>
- Re: How could I install ecryptfs-utils on Buster
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: How could I install ecryptfs-utils on Buster
  - From: Pierre Fourès <pierre.foures@gmail.com>
- Re: How could I install ecryptfs-utils on Buster
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: How could I install ecryptfs-utils on Buster
  - From: Pierre Fourès <pierre.foures@gmail.com>
- Re: How could I install ecryptfs-utils on Buster
  - From: David Christensen <dpchrist@holgerdanske.com>

Prev by Date: Re: Stretch with MATE DE - odd new file association problem
Next by Date: Re: Cannot re-install synaptic on Buster.
Previous by thread: Re: How could I install ecryptfs-utils on Buster
Next by thread: Re: How could I install ecryptfs-utils on Buster
Index(es):
- Date
- Thread