[55] in The Cryptographic File System users list


Re: Protection against superuser?

daemon@ATHENA.MIT.EDU (matthew tebbens)
Thu Apr 23 14:04:10 1998

Date: Thu, 23 Apr 1998 13:59:40 -0400 (EDT)
From: matthew tebbens <matthew@tebbens.com>
To: karney@princeton.edu
cc: mpd@rzg.mpg.de, cfs-users@research.att.com
Subject: Re: Protection against superuser?


That's something you forget about when always using CFS locally, like on
your home system.

Matthew


On Thu, 23 Apr 1998, Charles Karney wrote:

> Another advantage I didn't see mentioned is that CFS is network safe.
> Consider the following:
> 
> * you are logged into computer A (preferably a system over which you have
> control on root access);
> 
> * your data is on computer B (a large workstation, maybe lots of people
> have root access);  B exports the data to A via NFS;
> 
> * the network between A and B is unsafe (e.g., it is vulnerable to
> sniffing).
> 
> You run CFS on A; the data on B's disks is encrypted; the data on backup
> tapes is encrypted; only encrypted data appears on the network.
> Unauthorized access to the unencrypted data requires a compromise of A
> either as you or as root while you are using CFS.
> 
> -- 
> Charles Karney
> Plasma Physics Laboratory	  E-mail:  Karney@Princeton.EDU
> Princeton University		  Phone:   +1 609 243 2607
> Princeton, NJ 08543-0451	  FAX:	   +1 609 243 3438
> 

