On Fri, Mar 24, 2006 at 09:45:07AM +0100, Erik Norgaard wrote:
> It is not that file permissions doesn't work but having data that is not
> yours unencrypted lowers the barrier for trespassing. Evil admins - even
> if only temporarily evil - can access data they shouldn't.
If you setup some autom
Igor Robul wrote:
On Wed, Mar 22, 2006 at 10:14:32AM +0100, Erik Norgaard wrote:
home partition which is fine for single user laptops, but on multiuser
systems, each home directory should be distinct encrypted partitions in
order not to disclose data to other users.
Maybe I'm wrong, but what h
On Wed, Mar 22, 2006 at 10:14:32AM +0100, Erik Norgaard wrote:
> home partition which is fine for single user laptops, but on multiuser
> systems, each home directory should be distinct encrypted partitions in
> order not to disclose data to other users.
Maybe I'm wrong, but what happened with fi
On Wed, 22 Mar 2006 11:20:34 +0100
Erik Norgaard <[EMAIL PROTECTED]> wrote:
> Using geli appears to be the same as for gbde.
Using geli here (FreeBSD 6.1-PRERELEASE #0). since this is my
(work) laptop, the only (allowed) user is me - I simply use sudo as
needed (IOW, yes, mdconfig , geli and moun
Erik Norgaard wrote:
Is there any possibility for users to mount their own encrypted mfs?
I played a bit with mdconfig and gbde:
1) it seems that ordinary users cannot create any devices. I guess this
should be configurable in devfs.rules or devfs.conf? At least that would
allow user creati
On 3/22/06, Erik Norgaard <[EMAIL PROTECTED]> wrote:
> Kenyon Ralph wrote:
> > On 3/22/06, Erik Norgaard <[EMAIL PROTECTED]> wrote:
> >> 2) One thing is to create an entire encrypted device for /home. But that
> >> have the unfortunate consequence that other user's data is unencrypted
> >> once the
Kenyon Ralph wrote:
On 3/22/06, Erik Norgaard <[EMAIL PROTECTED]> wrote:
2) One thing is to create an entire encrypted device for /home. But that
have the unfortunate consequence that other user's data is unencrypted
once the system is up.
What would be more appropriate is a solution where each
Erik Norgaard wrote:
Hi:
1) I was thinking, what is the performance penalty of storing data on
an encrypted device? Sure, for writing documents, coding and stuff, I
guess the performance loss is insignificant, but for music and video
which then needs to be decrypted and then decoded, is this
On 3/22/06, Erik Norgaard <[EMAIL PROTECTED]> wrote:
> 2) One thing is to create an entire encrypted device for /home. But that
> have the unfortunate consequence that other user's data is unencrypted
> once the system is up.
>
> What would be more appropriate is a solution where each home-dir is a
Hi:
1) I was thinking, what is the performance penalty of storing data on an
encrypted device? Sure, for writing documents, coding and stuff, I guess
the performance loss is insignificant, but for music and video which
then needs to be decrypted and then decoded, is this a problem?
2) One th
10 matches
Mail list logo
