Date: Wed, 14 May 2003 12:38:54 -0400 (EDT)
From: Ahmed Masud <masud@googgun.com>
To: =?iso-8859-1?Q?J=F6rn?= Engel <joern@wohnheim.fh-wedel.de>
Cc: Yoav Weiss <ml-lkml@unpatched.org>,
       Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: encrypted swap [was: The disappearing sys_call_table export.]
In-Reply-To: <20030514162323.GB16093@wohnheim.fh-wedel.de>
Message-ID: <Pine.LNX.4.33.0305141236430.12212-100000@marauder.googgun.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1099
Lines: 31


On Wed, 14 May 2003, [iso-8859-1] J?rn Engel wrote:

> On Wed, 14 May 2003 12:13:03 -0400, Ahmed Masud wrote:
> >
> > The idea is to have encryption keys for the pages to be unique on a
> > per-uid per-process basis. So one user on the system cannot access (even
> > if they are root) parts of another's private data.  To achieve this,
> > different parts of swap device need to be encrypted with different keys.
>
> How do user *know* that root cannot simply bypass this security?
>
> Root, god, what's the difference? ;-)
>
> J?rn

Well :-) that's sorta true. In the new world the old gods will fall to
give rise to new ones.  worshippers of root will fade in the echos of the
past ... Rootshunting is possible if the kernel so chooses. Trusted Linux,
which is my perosnal and favourite focus for linux would be an environment
without root.


Ahmed.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/