2008/10/5 James Westby <[EMAIL PROTECTED]>: > On Sun, 2008-10-05 at 19:41 +0100, Chris Coulson wrote: >> The root user will still be able to read files if the user is logged >> in, >> because the private folder will be mounted. > > Hi Chris, > > That's very true. Thanks for pointing it out. > > Would an apparmor profile be able to prevent root from reading the > un-encrypted files for those who want this? > > Though presumably that's not going to work as root could just modify > the policy to give them access. >
Hi James, I know that one of the requirements for SELinux was to be able to make certain files unreadable by root. Maybe this could be used? Hwyl, Neil. -- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
