-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 guy keren wrote: > i assume you're running cfengine only every so-often (it is a > polling-based system, not a notification-based system, as far as i > know). so you still have some amount of time when users might put > pass-phrase-less keys.
Certainly. I consider a few minutes of potential exposure a very worthwhile tradeoff. Insisting on perfect security gets you no security at all. - -- Tracy R Reed http://ultraviolet.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFciMk9PIYKZYVAq0RAgufAJ9Ve1bpsJbIGs/VeQvuZmyg5jPPsgCfasuy KvxhC9hoXJMc2on4pgdtUHg= =MVfA -----END PGP SIGNATURE----- -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
