<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Additional security for laptops...
From: Mikko Pasanen <miapasan,AT,cs,DOT,uku,DOT,fi>
Date: Fri, 17 Jan 2003 11:01:39 +0100
In-reply-to: <XFMail.030117164328.gregory.hosler@eno.ericsson.se>

        What i was thinking that cipe directory will be located in the
encypted filesystem and symlinked to /etc directory, then it will not
expose itself unless you have full access to harddisk. If the key managing
is proper (laptop stolen -> all access denied to internal services ) I
would be more worrying about the information which is lying on
the local harddisk.

On Fri, 17 Jan 2003, Gregory Hosler wrote:

>
> On 17-Jan-03 Mikko Pasanen wrote:
> >
> >       How about encrypting partitions which are containing critical
> > information ? Of course it would be harder to borrow machines, but I think
> > it possible to easily separate "critical" information and regular stuff,
> > and then if the user cannot mount critical stuff they cannot access the
> > network and can login with guest account.
>
> the password is on the root partition (in /etc/cipe, which by definition 
>*will*
> be in the root partition). if you're gonna encrypt the root partition, and 
>then
> lend out the laptop, you need to release the password for the root 
>partition,
> otherwise you might as well not lend out the laptop in the first place.
>
> :)
>
> -Greg
>





<< | Thread Index | >> ]    [ << | Date Index | >> ]