Re: [RFC][PATCH 8/8] SLIM: documentation

From: Pavel Machek
Date: Wed Aug 30 2006 - 19:44:13 EST

Next message: Mathieu Desnoyers: "[PATCH 2/16] LTTng : Linux Trace Toolkit Next Generation 0.5.95, kernel 2.6.17 (bz2)"
Previous message: Adrian Bunk: "Re: [PATCH 17/17] BLOCK: Make it possible to disable the block layer [try #2]"
In reply to: Pavel Machek: "Re: [RFC][PATCH 8/8] SLIM: documentation"
Next in thread: David Safford: "Re: [RFC][PATCH 8/8] SLIM: documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> > But my ssh data can't be classified higher, because ssh interacts with
> > network. Ouch.
> >
> > You are right that this will make recovery from spyware attack easier,
> > but...
>
> Here you are raising concerns over secrecy, which is a totally separate
> issue from integrity. In order to protect the secrecy of files, you
> would distinguish PUBLIC files from USER-SENSITIVE/SYSTEM-SENSITIVE
> files.

So... will I be able to set ~/.ssh/private_key to USER-SENSITIVE and
still use ssh to log in to remove machines? Will trojans coming from
network be able to read that file?

I do not think see how that can work... because ssh accesses network,
and needs to know my private_key.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mathieu Desnoyers: "[PATCH 2/16] LTTng : Linux Trace Toolkit Next Generation 0.5.95, kernel 2.6.17 (bz2)"
Previous message: Adrian Bunk: "Re: [PATCH 17/17] BLOCK: Make it possible to disable the block layer [try #2]"
In reply to: Pavel Machek: "Re: [RFC][PATCH 8/8] SLIM: documentation"
Next in thread: David Safford: "Re: [RFC][PATCH 8/8] SLIM: documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]