Re: File on disk- encrypted or not?
From: Shawn Willden (shawn-qw@willden.org)
Date: 12/20/02
From: Shawn Willden <shawn-qw@willden.org> Date: Fri, 20 Dec 2002 08:44:14 -0700
Lew Pitcher wrote:
> On Fri, 20 Dec 2002 14:24:58 +0000 (UTC), in comp.os.linux.security,
> "Sachin Garg" <schngrg@yahoo.com> wrote:
>>If the file has limited (say, read only) access to all users except
>>root.
>>I wish to know if this file on hard disk on a linux system is stored in
>>encrypted form or not?
>>
>>I think it should be encrypted, or else someone may just boot from say
>>an MS-DOS bootable floppy and use direct disk I/O functions to directly
>>access the information, failing the whole concept of security.
>
> Assuming that the attacker were knowledgeable enough to be able to use MSDOS
> tools to locate the data, then yes, there is an exposure.

Okay, so assume he uses a floppy Linux distro, like Tom's Root Boot
disk, or a bootable CD-based distro, like Knoppix, instead.

> However, what's an attacker doing booting your secure system from an MSDOS
> boot disk in the first place? Permitting this invalidates any concept of
> security that you might have imposed as well.

Not necessarily. It depends on the particulars, and on what "concept of
security" you have.

For example: I have a laptop that contains lots of confidential
information. Disclosure of this information would upset my clients and
could potentially cost them lots of money (and cause huge problems for
me as well). Because I travel, I essentially have to have the laptop
with the data on it, but the fact that it spends so much time in places
where it could potentially be stolen raises large security questions.

So: I have an IBM Thinkpad, which has a pretty good system for
password-protecting both the BIOS and the HDD. The BIOS password can be
cleared by an attacker, but the HDD password cannot (at least not
easily). Both because I'm paranoid and because it is at least vaguely
plausible that someone might try to disassemble the drive and read the
data off of the platters directly to bypass the HDD password, or might
find some other way to bypass the password, I also use an encrypted
file system for my sensitive data and encrypted swap to keep the data
from being paged out in the clear.

As long as my threat model consists of my laptop being stolen while
powered down or when the encrypted file system is unmounted, I have
pretty good security.

Shawn.