On 19 Feb 2001, at 17:02, Jack Coates wrote:
> that could be very handy for service images, but router/fw images
> are not likely to have a need (except for VPN which AFAIK doesn't
> use kerneli.org stuff).
Possibly true. However, crypto does enhance security. My main
purpose is to expand flexibility and so on; for the crypto kernel it
would be useful for accessing crypto filesystems on a hard drive,
especially if the full Linux distribution on the hard drive does NOT
support crypto file systems (TOP SECURITY!).
It could also be used for hard drives, providing a fully encrypted
(nonbootable) filesystem - provides physical security if the hard
drive is removed.
It could also be used to render any swap space useless if someone
decides to go wandering through the swap file/partition. This was
recently suggested in one of the security forums I'm a part of - you
encrypt the swap space each time you use it; when the drive is
removed the swap space is jibberish - no more scanning swap for
passwords :-) NOTE: this is apparently only possible under the patch
for Linux 2.4.
--
David Douthitt
UNIX Systems Administrator
HP-UX, Linux, Unixware
[EMAIL PROTECTED]
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
