On Sunday 03 July 2005 03:16, Dominik Margraf wrote:
> Hello!
>
> Currently, the default setting is that root can see and modify
> anything, including the contents of the users' folders, moreover,
> users can also see the contents of other users' folders by default.
> These pose a significant confi
> You do have to trust the entity that provides your service, and its
> agents, at least to some extent.
>
> For example, an encrpyted filesystem does you no good if you are
> using the hardware provided by the hosting company which can insert
> keyloggers and take copies of the private keys whic
Shaun Lipscombe wrote:
> ... and I should have said.. and then use ~/dominik as your ~.
Don'tcha mean "I should have said, chmod 700 ~"
[EMAIL PROTECTED]:~} pwd
/home/grey
[EMAIL PROTECTED]:~} ls -ld /home/grey
drwxr-xr-x 59 grey grey 2856 2005-07-04 03:51 /home/grey
[EMAIL PROTECTED]:~} chm
On Sun, Jul 03, 2005 at 06:17:12PM -0400, Stephen R Laniel wrote:
> Anyway, the point is that you really *shouldn't* trust the
> root user if you don't have to. And if you can encrypt your
> filesystem, you should.
You do have to trust the entity that provides your service, and its
agents, at leas
On Sun, Jul 03, 2005 at 06:17:12PM -0400, Stephen R Laniel wrote:
> On Sun, Jul 03, 2005 at 11:25:21AM -0500, Adam Fabian wrote:
> > The short version is that you must trust the root user, period
[snip]
> Anyway, the point is that you really *shouldn't* trust the
> root user if you don't have to.
As with Windows NT security, it is false that no one can read the
data on the disk. If you boot with a proper rescue CD that can read
NTFS, then you can read everything, regardless of permission. In Mac
OS X you have the option to encrypt home directories, but there is
the possibility to ha
On Sun, Jul 03, 2005 at 11:25:21AM -0500, Adam Fabian wrote:
> The short version is that you must trust the root user, period
That's nice as a general guideline, but most of the time you
have no reason to trust *or* distrust the root user. Most
people's sysadmins are through big corporations like
On Sun, Jul 03, 2005 at 02:03:39PM -0800, Greg Madden wrote:
> On Saturday 02 July 2005 11:16 pm, Dominik Margraf wrote:
> > Currently, the default setting is that root can see and modify
[snip]
> The default permission for the first user (greg) on a new install on my
> Sarge box is: 'drwxr-xr--
On Saturday 02 July 2005 11:16 pm, Dominik Margraf wrote:
> Hello!
>
> Currently, the default setting is that root can see and modify
> anything, including the contents of the users' folders, moreover,
> users can also see the contents of other users' folders by default.
> These pose a significant
On Sun, Jul 03, 2005 at 07:16:57PM +1200, Dominik Margraf wrote:
> Therefore is there any way to encrypt all users' folders and making
> the computer to set this up by default when a new user is generated?
> So that even the root can't see the contents of the users' folders.
If you set up encrypt
Lee Braiden wrote:
> I'm not sure what you're getting at. The alternative of not having anyone
> who
> is trusted?
Yup. Imagine trying to install something when even root cannot write to
the install directories. That's what NT was like without admin privies on any
user.
--
Stev
On Sunday 03 Jul 2005 09:29, Steve Lamb wrote:
> Lee Braiden wrote:
> > root needs to be responsible, trustworthy, and trusted. Since root can
> > do virtually anything, it makes no sense to *try* to hide things from
> > him/her. The best you can do is to obscure things, so that root won't
> > acc
Lee Braiden wrote:
> root needs to be responsible, trustworthy, and trusted. Since root can do
> virtually anything, it makes no sense to *try* to hide things from him/her.
> The best you can do is to obscure things, so that root won't accidentally
> find them out without trying to. If you do
On Sunday 03 Jul 2005 08:16, Dominik Margraf wrote:
> Currently, the default setting is that root can see and modify
> anything, including the contents of the users' folders, moreover,
> users can also see the contents of other users' folders by default.
> These pose a significant confidentiality a
Hello!
Currently, the default setting is that root can see and modify
anything, including the contents of the users' folders, moreover,
users can also see the contents of other users' folders by default.
These pose a significant confidentiality and security risk.
Therefore is there any way to en
15 matches
Mail list logo