> Actually that isn't quite right.  A properly configured and tuned RBAC 
> policy, when combined with PaX, can very effectively limit all userspace 
> activity (including root access!). 

How do you know that the module is installed and actually doing things? How do 
you know what kernel is actually booted?

> It helps if you can also use a hardware security module to protect your key 
> material.

How do you know that the operations that YOU request are actually the ones 
being performed?  How do you know that the operating system isn't making 
additional requests of its own?

You have to trust root.  No two ways about it.

_______________________________________________
openssl-users mailing list