On Tue, 6 Jul 2004 05:12, Alan Cox <alan@xxxxxxxxxx> wrote: > /boot on the other hand cannot be encrypted usefully without hardware > key systems because then you cannot boot off it. For a really secure system you have to boot from removable or read-only media. If an attacker can compromise the kernel image that you boot from then they can own you. If you have an unencrypted kernel/initrd stored on the hard disk then you must either keep the hard disk locked up at all times (in which case encrypting it doesn't gain much) or treat every unexpected reboot as a potential compromise. I think that USB-flash devices are the best option for booting secure machines at the moment. The smallest available USB devices are bigger than /boot on most systems. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
