>>> Joseph Mack <[EMAIL PROTECTED]> 08/10/99 01:42PM >>>
>On the otherhand if I leave the passphrases in the script, they can
take
>those too. There seems to be no solution to this except unplugging
the
>network connection.
That's why Ralf says neither method is more secure than the other. If
someone can get root access to your files/filesystems (whether directly
or by stealing a tape or a harddrive or something), you're pretty much
out of luck anyway. Without physical security of the machine and tapes,
all bets are off. Besides, on many systems root can be gained from the
console with a boot tape/CD/floppy, etc. So there is a solution besides
unplugging the network connection... keep your machine and its data
physically secure.
:)
-Cliff
Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/
Work: (540) 463-8089
Pager: (540) 462-3472
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
