-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > I think that client is probably worried about regular users > > that will have access to the file system, rather than a > > determined external hacker. > > How does the encrypting improve the security of storing the > files in a directory, which is only readable by selected users, then? > > They can only manage to read them, if they obtain that > particular user's UID. But if they do it, they can probably > also read /proc/N/mem, effectively bypassing the encryption. I was assuming that the files were sitting in a shared file system somewhere and were world readable. Now I realise I was going out on a limb trying to guess the clients reasoning, but I couldn't think of any another reasons that explained the original request. Regards, Keith. -----BEGIN PGP SIGNATURE----- Version: 6.5.8ckt iQA/AwUBPhvNvL0tREWslyrAEQKX7ACfX0UAZO5gm6+PCBkdfO1wioVcm7IAnAvQ e152ry+HPS0JpVutU9stGpBj =3mij -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 10:27:54 PST