RE: PGP scripting...

From: Keith Smith (keith.smith@keiths-place.com)
Date: Wed Jan 08 2003 - 00:05:32 PST

  • Next message: Steffen Dettmer: "Re: PGP scripting..."

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    > > I think that client is probably worried about regular users 
    > > that will have access to the file system, rather than a
    > > determined external hacker.
    > 
    > How does the encrypting improve the security of storing the 
    > files in a directory, which is only readable by selected users, then?
    > 
    > They can only manage to read them, if they obtain that 
    > particular user's UID. But if they do it, they can probably 
    > also read /proc/N/mem, effectively bypassing the encryption.
    
    
    I was assuming that the files were sitting in a shared file system somewhere and were world readable.  Now I realise I was going out on a limb trying to guess the clients reasoning, but I couldn't think of any another reasons that explained the original request.
    
    
    Regards,
    Keith.
    
    
    -----BEGIN PGP SIGNATURE-----
    Version: 6.5.8ckt
    
    iQA/AwUBPhvNvL0tREWslyrAEQKX7ACfX0UAZO5gm6+PCBkdfO1wioVcm7IAnAvQ
    e152ry+HPS0JpVutU9stGpBj
    =3mij
    -----END PGP SIGNATURE-----
    



    This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 10:27:54 PST