Igor Robul wrote:
On Wed, Mar 22, 2006 at 10:14:32AM +0100, Erik Norgaard wrote:
home partition which is fine for single user laptops, but on multiuser systems, each home directory should be distinct encrypted partitions in order not to disclose data to other users.
Maybe I'm wrong, but what happened with file system permissions? :-)

You can encrypt /home and then set 0700 permissions on user home

It is not that file permissions doesn't work but having data that is not yours unencrypted lowers the barrier for trespassing. Evil admins - even if only temporarily evil - can access data they shouldn't.

On any system I share I would prefer to know that when I'm not there not even the sysadmin can access them. And I believe that anyone would prefer that.

Cheers, Erik

Ph: +34.666334818                                  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to