KWallet integration

Daniel Stone daniel at fooishbar.org
Thu Sep 4 11:32:25 BST 2003


On Thu, Sep 04, 2003 at 11:43:12AM +0200, Martin Konold wrote:
> Am Thursday 04 September 2003 11:08 am schrieb Daniel Stone:
> > > Everyone having root access to your machine is easily capable to steal
> > > your passwords/idendentity without you even noticing.
> 
> > Aside from the fact that I only keep my GnuPG key on a few trusted
> > machines, and could use SELinux and ACLs if I wanted to
> 
> FYR: Neither SELinux nor ACLs prevent abuse from a malicious root user.

In what way? If I deny the root user access to the files in question, as well as
direct raw access, there's nothing they can do without physical access.

> > the same. My GnuPG key is password-protected with a strong password,
> 
> Does also not help if you dont trust the root user.

Not on any of the machines I have it on now, no - they don't run SELinux or ACLs
(which don't solve the problem of raw access). But that's because I trust the
root users - myself, work admins, and a DD who I'm good friends with (and have
banking details of), respectively.

> > The issue at hand was slightly more generic, I was just making an example.
> > Encryption can defeat root.
> 
> Sorry, this is incorrect.

In what way? If I encrypted something with a 10240-byte public key, even if you
*can* access it, you have no hope in hell (short of the electrodes) of
decrypting it this millennium.

(BTW, if you don't believe me, log in to Russell Coker's SELinux playbox as
root and see how far you get; there's a reason the NSA gave them money).

-- 
Daniel Stone                                              <daniel at fooishbar.org>
http://www.debian.org - http://www.kde.org - http://www.freedesktop.org
"Configurability is always the best choice when it's pretty simple to implement"
  -- Havoc Pennington, gnome-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20030904/10e138ce/attachment.sig>


More information about the kde-core-devel mailing list