On Mon, Sep 12, 2011 at 09:41:12AM +0200, Rolf Kutz wrote:
[...]
> An encrypted /home can still be backuped easily by administrators
> without being able to see inside.
An administrator (assuming by administrator you mean root or an
account with access to root-level privs) can easily trojan the
necessary bits of the system and then lie in wait to capture the
authentication credentials or the decrypted data itself, unless
encryption and decryption is only ever done on a separate remote
system to which the administrator has no privileged access.
--
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP(fu...@yuggoth.org); FINGER(fu...@yuggoth.org);
MUD(kin...@katarsis.mudpy.org:6669); IRC(fu...@irc.yuggoth.org#ccl); }
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110912204325.gh1...@yuggoth.org
