On Thursday 05 June 2003 17:16, Peter Cordes wrote: > kernel. (Even if you put the password in the kernel, you want to hide the > initrd, because it will have mount(8) getting a password from /proc/sekret, > or something.) Use some sort of encrypted filesystem on the hard drive.
When you're hacking the kernel already, you don't need /proc/sekret: just take a kernel-space encrypted filesystem and hack it to automatically take the 5up3r 53kr3t p4zzw0rd when the type of the fs to be mounted is 'encrypted' (abuse the partition table fs type field). As others have said: don't tell anybody what you're doing - from a security point of view it is totally ridiculous. But it should foil the casual nosy guy. greets -- vbi -- random link of the day: http://fortytwo.ch/sienapei/laejieng
pgpKIpImicSsj.pgp
Description: signature
