Re: -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]]
From: Micha Feigin
Date: Sat Mar 27 2004 - 14:52:21 EST
On Sat, Mar 27, 2004 at 04:40:47AM +0000, Luke-Jr wrote:
> On Saturday 27 March 2004 04:28 am, Micha Feigin wrote:
> > Actually it would be very unlikely that grabbing the hard disk would
> > enable to boot on another machine since you are restoring all the
> > context/modules etc. The grabber would need an identical system, and
> > even then I doubt it would work (I don't know how flexible linux and
> > the hardware are in this respect.
> But a different system *could* be used to analyze the content of the partition
> were it stolen.
It could be relevant so that you can access the resume data only on the
same computer so that access to encrypted partitions couldn't be gained
by looking at the suspend data, but I don't know how encrypted
partitions work, so can't say anything about that.
> > Its more a question of grabbing you entire computer and getting access
> > to you hard disk, including encrypted partitions. In this case you
> > would want to request a key from the user and not use a hardware
> > related key.
> hardware-related is probably better than an argument, at least.
If the key is given at resume command line and this is properly
forgotten when the resumed kernel kicks in then a user key will also
probably be ok.
It wouldn't do much good getting a safer method then the way the
encrypted partition works in the first place.
I think the difference would be user convenience more then security.
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO of
> GenToo technologies. Learn everything from fundamentals to system
> swsusp-devel mailing list
> This Mail Was Scanned By Mail-seCure System
> at the Tel-Aviv University CC.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/