Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759134AbXISOJl (ORCPT ); Wed, 19 Sep 2007 10:09:41 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753324AbXISOJe (ORCPT ); Wed, 19 Sep 2007 10:09:34 -0400 Received: from pentafluge.infradead.org ([213.146.154.40]:41311 "EHLO pentafluge.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752124AbXISOJd (ORCPT ); Wed, 19 Sep 2007 10:09:33 -0400 Date: Wed, 19 Sep 2007 19:42:20 +0530 (IST) From: Satyam Sharma X-X-Sender: satyam@enigma.security.iitk.ac.in To: Kyle Moffett cc: Trond Myklebust , "J. Bruce Fields" , Jan Engelhardt , Linux Kernel Mailing List Subject: Re: NFS4 authentification / fsuid In-Reply-To: Message-ID: References: <1188484155.6755.38.camel@heimdal.trondhjem.org> <1188484337.6755.41.camel@heimdal.trondhjem.org> <1188486240.6755.51.camel@heimdal.trondhjem.org> <20070830214431.GF10808@fieldses.org> <20070906150616.GA28565@fieldses.org> <0D66E86D-8D97-45D7-9C2A-7AB5F42845B5@mac.com> <1189121714.6672.38.camel@heimdal.trondhjem.org> <5B1FC03A-6819-4C6C-91D3-F3022B798EF4@mac.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2008 Lines: 63 On Wed, 19 Sep 2007, Kyle Moffett wrote: > > > [all sorts of crap about spies in washington needing stronger protection > > than your average consumer] > > [snip] > > [...] all the bullcrap about foreign intelligence Hehe, again, *you* started all the "bullcrap" about foreign "governments" in the first place :-) > is just drawing > focus off of how easy it is to achieve *adequate* physical protection where it ^^^^^^^^ > matters. Ah, so you're qualifying the discussion with the nice and subjective "adequate" ... (you're still wrong, of course) > Of course, this also relies on being able to teach the stupid lusers with the > laptops not to give their boot password to the "service tech on the phone" Let's stick on-topic here ... remember "securing a system against attacker with physical access is fairly simple" ? [ Took the liberty of removing some irrelevant digressions -- didn't see any solid security scheme that fulfils/justifies your earlier claim over there. ] > > > If your system equates end-user with attacker > > > > "If"? Was there ever any doubt? > > > > Heh, did you even read the thread you just replied to? > > Yes I did [...] No, you didn't -- it was obvious from your reply :-) > and I wanted to make it *really* clear that with average hardware > you can properly protect against virtually all of the *common* attack vectors. ^^^^^^ But what gave you the impression we're interested in discussing "common" or "adequate enough" attack vectors here? See, if you have something useful/new to contribute to the discussion, that we don't already know, then please don't hold back and feel free to do so ... Satyam - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/