[52] in The Cryptographic File System users list
Re: Protection against superuser?
daemon@ATHENA.MIT.EDU (matthew tebbens)
Thu Apr 23 12:28:08 1998
From owner-cfs-users@research.att.com Thu Apr 23 16:28:07 1998
Return-Path: <owner-cfs-users@research.att.com>
Delivered-To: cfs-mtg@bloom-picayune.mit.edu
Received: (qmail 20277 invoked from network); 23 Apr 1998 16:28:06 -0000
Received: from unknown (HELO rumor.research.att.com) (192.20.225.9)
by bloom-picayune.mit.edu with SMTP; 23 Apr 1998 16:28:06 -0000
Received: from research.att.com ([135.207.30.100]) by rumor; Thu Apr 23 12:23:40 EDT 1998
Received: from amontillado.research.att.com ([135.207.24.32]) by research-clone; Thu Apr 23 12:25:24 EDT 1998
Received: from nsa.research.att.com (majordomo@nsa.research.att.com [135.207.24.155])
by amontillado.research.att.com (8.8.7/8.8.7) with ESMTP id MAA00864;
Thu, 23 Apr 1998 12:25:21 -0400 (EDT)
Received: (from majordomo@localhost) by nsa.research.att.com (8.7.3/8.7.3) id MAA09510 for cfs-users-list; Thu, 23 Apr 1998 12:23:00 -0400 (EDT)
X-Authentication-Warning: nsa.research.att.com: majordomo set sender to owner-cfs-users@nsa.research.att.com using -f
Received: from research.att.com (research-clone.research.att.com [135.207.30.100]) by nsa.research.att.com (8.7.3/8.7.3) with SMTP id MAA09506 for <cfs-users@nsa.research.att.com>; Thu, 23 Apr 1998 12:22:58 -0400 (EDT)
Received: from tebbens.com ([208.195.230.10]) by research-clone; Thu Apr 23 12:24:30 EDT 1998
Received: from localhost by tebbens.com
with smtp id m0ySOnw-000NVSC
(Debian Smail-3.2 1996-Jul-4 #2); Thu, 23 Apr 1998 12:24:56 -0400 (EDT)
Date: Thu, 23 Apr 1998 12:24:56 -0400 (EDT)
From: matthew tebbens <matthew@tebbens.com>
To: Tom Fitzgerald <tfitz@mit.edu>
cc: Manuel Panea <mpd@rzg.mpg.de>, cfs-users@research.att.com
Subject: Re: Protection against superuser?
In-Reply-To: <199804231556.LAA18815@ORION3.MIT.EDU>
Message-ID: <Pine.LNX.3.96.980423122105.17905B-100000@backup.tebbens.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cfs-users@research.att.com
Precedence: bulk
I have a question....
Exactly how secure is it ?
Better question would be:
About how much would someone have to spend to break a CFS directory
without the key ?
Matthew
On Thu, 23 Apr 1998, Tom Fitzgerald wrote:
> > So, am I missing something here? What's the point of cfs? How are you
> > people using it?
>
> The advantage over crypt (or PGP or whatever file-based encryption
> you want to use) is, as you say, that you don't have to keep typing the
> password over and over again. This can be a pretty big deal if you've got
> your MH mailbox in cfs space, or if you want to grep a whole bunch of
> documents.
>
> What's really nice about cfs is
>
> 1) secure removable media
> 2) systems where nobody but me has the root password, but if I'm not there
> somebody can walk up with a boot floppy or boot CD.
> 3) secure backups
>
>
>
