On Mon, Dec 28, 2009 at 09:28:43PM +0100, Olivier Sessink wrote:
Hi all,
I was wondering if there are some 'common' ways to prevent tampering with
the unencrypted kernel and initrd in the case of an encrypted root
filesystem? If somebody has access to your computer they could change the
initrd and kernel and make your encryption useless (e.g. store the password
in /boot, or send it over the network, etc. etc.). It shouldn't be too hard
to make this at least very difficult.
I'm sorry if anyone has physical access to the machine, you lose.
there is nothing you can do to prevent it.
If your laptop is stolen and later found, i would not trust typing my
password again booting from that disk. I would boot from a rescue media
or install the disk in another machine and recover the data.
What you suggest only creates a false sense of security and should be
avoided.
L.
--
Luca Berra -- bluca@xxxxxxxxxx
Communication Media & Services S.r.l.
/"\
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
