On Thu, Apr 21, 2005 at 19:44:56 +0100, Jamie Lokier wrote: > Jan Hudec wrote: > > By the way, IIRC so far the root can access all kernel memory too via > > /dev/kmem. So the limiting of root's rights would have to be limited > > a bit more yet. > > On some hardened systems, root is not allowed access to /dev/kmem.
That sure makes sense. Still the secret keys must either never leave kernel (which would need all the encryption, decryption and checking code in kernel), or they must be protected in userland too. Which means the process has to be protected against being ptraced or inspected through /dev/mem. ------------------------------------------------------------------------------- Jan 'Bulb' Hudec <[EMAIL PROTECTED]>
signature.asc
Description: Digital signature