On Fri, 18 Feb 2000, Horst von Brand wrote:
>Date: Fri, 18 Feb 2000 20:15:40 -0300
>From: Horst von Brand <vonbrand@sleipnir.valparaiso.cl>
>To: mharris@meteng.on.ca
>Cc: Linux Kernel mailing list <linux-kernel@vger.rutgers.edu>
>Subject: Re: Userland encrypted filesystem that root cannot access.
>
>"Mike A. Harris" <mharris@meteng.on.ca> said:
>> Are there any patches for the kernel, or userland solutions which
>> allow a user to mount an encrypted filesystem (perhaps through
>> loopback) which while mounted, root cannot read? Or is this
>> concept beyond Linux currently?
>
>> I'm thinking of the case where the superuser can admin the
>> machine but due to confidentiality, the data must not be readable
>> by root under any circumstance. Possible?
>
>A determined root will be able to snoop on your password and stash the
>contents of your encrypted media away for leisurly study. Not easy to do,
>but not terribly hard either.
Thanks, I'm aware of that, however that would be acceptable.
The particular case I'm thinking about, root is for all intents
and purposes a bucket of chicken. ;o) Certainly not capable of
hacking anything... A *TRUE* secure solution would be nice, but
a "stop luser root" solution would be fine...
Thanks.
TTYL
-- Mike A. Harris Linux advocate Computer Consultant GNU advocate Capslock Consulting Open Source advocateJoin the FreeMWare project - the goal to produce a FREE program in which you can run Windows 95/98/NT, and other operating systems.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:22 EST