On Tue, 2004-07-06 at 02:18, Russell Coker wrote:
> For a really secure system you have to boot from removable or read-only media.
>
> If an attacker can compromise the kernel image that you boot from then they
> can own you. If you have an unencrypted kernel/initrd stored on the hard
> disk then you must either keep the hard disk locked up at all times (in which
> case encrypting it doesn't gain much) or treat every unexpected reboot as a
> potential compromise.

I was concentrating mainly on means to secure data (against prying eyes,
not corruption), securing a system is a completely different kind of
thing. And I know that for my data to be really secure against an
attacker, my kernel must be secure, too. But let's reach for the
lower-hanging branches first, okay? ;-)

Nils
--
Nils Philippsen / Red Hat / nphilipp@xxxxxxxxxx
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011