On Thu, Apr 21, 2005 at 19:44:56 +0100, Jamie Lokier wrote: > Jan Hudec wrote: > > By the way, IIRC so far the root can access all kernel memory too via > > /dev/kmem. So the limiting of root's rights would have to be limited > > a bit more yet. > > On some hardened systems, root is not allowed access to /dev/kmem.
That sure makes sense. Still the secret keys must either never leave
kernel (which would need all the encryption, decryption and checking
code in kernel), or they must be protected in userland too. Which means
the process has to be protected against being ptraced or inspected
through /dev/mem.
-------------------------------------------------------------------------------
Jan 'Bulb' Hudec <[EMAIL
PROTECTED]>
signature.asc
Description: Digital signature
