From owner-freebsd-questions@FreeBSD.ORG Fri Mar 24 14:48:30 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AAE0116A41F for ; Fri, 24 Mar 2006 14:48:30 +0000 (UTC) (envelope-from igorr@speechpro.com) Received: from speechpro.ru (speech-tech-2.ip.PeterStar.net [81.3.190.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 30E6243D45 for ; Fri, 24 Mar 2006 14:48:29 +0000 (GMT) (envelope-from igorr@speechpro.com) Received: from [192.168.2.26] (helo=sysadm.stc) by s1.stc with esmtp (Exim 4.53 (FreeBSD)) id 1FMnaW-000MxG-AD for freebsd-questions@freebsd.org; Fri, 24 Mar 2006 17:48:28 +0300 Received: from localhost.stc ([127.0.0.1] helo=sysadm.stc) by sysadm.stc with esmtp (Exim 4.54 (FreeBSD)) id 1FMnaH-0007G1-3S for freebsd-questions@freebsd.org; Fri, 24 Mar 2006 17:48:13 +0300 Received: (from igorr@localhost) by sysadm.stc (8.13.4/8.13.3/Submit) id k2OEmC9m027900 for freebsd-questions@freebsd.org; Fri, 24 Mar 2006 17:48:12 +0300 (MSK) (envelope-from igorr) Date: Fri, 24 Mar 2006 17:48:11 +0300 From: Igor Robul To: freebsd-questions@freebsd.org Message-ID: <20060324144811.GF26401@sysadm.stc> References: <44210DFC.6000308@locolomo.org> <13d4d6bb0603220051x49fdb302v32bc501a81cb9a99@mail.gmail.com> <44211578.8050600@locolomo.org> <20060324083919.GE26401@sysadm.stc> <4423B193.5080804@locolomo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4423B193.5080804@locolomo.org> User-Agent: Mutt/1.5.11 X-Archived: Yes Subject: Re: encrypted drives X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Mar 2006 14:48:30 -0000 On Fri, Mar 24, 2006 at 09:45:07AM +0100, Erik Norgaard wrote: > It is not that file permissions doesn't work but having data that is not > yours unencrypted lowers the barrier for trespassing. Evil admins - even > if only temporarily evil - can access data they shouldn't. If you setup some automounting of encrypted user home directories, then there are two cases: 1) user must enter some additional password/key for encrypted device 2) user does not need additional password. In (2) case all user private keys are accessible by evil admin, so he can mount user's home directory. In (1) case "evil" admin can setup keylogger etc., to log all user input including passwords and still have access to user's files.