Jeremy Katz wrote:
* You don't want an encryption that's global across all of /home, you
really want to encrypt each user's home directory separately so that
they can access their own stuff without needing any sort of admin
Sorry, but privacy on system where someone other has root permissions
is illusion only. I don't understand how could be really safe system
where admin is able to modify kernel or some system util and steal
your password (or private key or whatever).
No, I'm saying that Bob shouldn't need an administrator to unlock
the /home on his laptop. But Bob and Jim should be able to both have
accounts (or maybe it's Bob and his girlfriend)
So based on the current way that the we do encryption (block-level for
an entire parition?) sucks because it doesn't allow this kind of thing?
Sounds like we have some work to do to make it really useful.
--Chris
