Re: Isn't it time for the encrypted file system???: msg#00078

Jeremy Katz wrote:

* You don't want an encryption that's global across all of /home, you
really want to encrypt each user's home directory separately so that
they can access their own stuff without needing any sort of admin

 Sorry, but privacy on system where someone other has root permissions
 is illusion only. I don't understand how could be really safe system
 where admin is able to modify kernel or some system util and steal
 your password (or private key or whatever).


No, I'm saying that Bob shouldn't need an administrator to unlock
the /home on his laptop.  But Bob and Jim should be able to both have
accounts (or maybe it's Bob and his girlfriend)

So based on the current way that the we do encryption (block-level foran entire parition?) sucks because it doesn't allow this kind of thing?Sounds like we have some work to do to make it really useful.


--Chris

--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Isn't it time for the encrypted file system???, Jeremy Katz
Next by Date:	Re: Isn't it time for the encrypted file system???, Christopher Blizzard
Previous by Thread:	Re: Isn't it time for the encrypted file system???, Jeremy Katz
Next by Thread:	Re: Isn't it time for the encrypted file system???, Alan Cox
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Isn't it time for the encrypted file system???, Jeremy Katz

Next by Date:

Re: Isn't it time for the encrypted file system???, Christopher Blizzard

Previous by Thread:

Re: Isn't it time for the encrypted file system???, Jeremy Katz

Next by Thread:

Re: Isn't it time for the encrypted file system???, Alan Cox

Indexes:

[Date] [Thread] [Top] [All Lists]