Posted by: Administrator
on March 22, 2006 07:39 AM
Filesystem encryption protects data from off-line attacks only. When the encrypted filesystem is mounted, the files on it are no more secure than on an unencrypted filesystem. A process running as root still has the capacity for tremendous damage/compromise.
Per-file encryption, based on proven user/process credentials, is a much more sound solution. It allows discrete privilege management, even of the root UID, while allowing regular file admin (backup, restore, etc.).
Learn about Linux
Download Linux
Get Linux help
still insufficient
Posted by: Administrator on March 22, 2006 07:39 AMPer-file encryption, based on proven user/process credentials, is a much more sound solution. It allows discrete privilege management, even of the root UID, while allowing regular file admin (backup, restore, etc.).
#