Re: Directory permissions (keep root out)
From: Michael Heiming (michael+USENET_at_www.heiming.de)
Date: 01/23/04
- Next message: Ben Measures: "Re: Paying developers to get features faster"
- Previous message: NeoSadist: "Re: Directory permissions (keep root out)"
- In reply to: NeoSadist: "Re: Directory permissions (keep root out)"
- Next in thread: Luke Vogel: "Re: Directory permissions (keep root out)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Jan 2004 00:07:52 +0100
NeoSadist <neosad1st@charter.net> wrote:
> D. Hampton Finger wrote:
[..]
> > How can I setup a directory so that root can't gain access to it? This
> > is general UNIX it is true, but the system in question is RedHat linux,
[..]
> There is no possible way that I know of:
> 1) Root in unix/linux has no restrictions
Ack, unless you are running some special kernel restricting
rootly powers.
[..]
> the person cannot read or write your files. Lastly, if you need to you
> could encrypt all those files to a password that only your team knows. The
> non-US citizen as root could copy them or delete them, but it would take
> them longer to crack the encryption scheme, and if they don't then all they
> have is garbage.
Only if you don't decrypt the files logged in, or it would be
trivial for UID 0.
-- Michael Heiming Remove +SIGNS and www. if you expect an answer, sorry for inconvenience, but I get tons of SPAM
- Next message: Ben Measures: "Re: Paying developers to get features faster"
- Previous message: NeoSadist: "Re: Directory permissions (keep root out)"
- In reply to: NeoSadist: "Re: Directory permissions (keep root out)"
- Next in thread: Luke Vogel: "Re: Directory permissions (keep root out)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
