[ubuntu-uk] Encrypted Directories
neil.greenwood.lug at gmail.com
Sun Oct 5 21:13:30 BST 2008
2008/10/5 James Westby <jw+debian at jameswestby.net>:
> On Sun, 2008-10-05 at 19:41 +0100, Chris Coulson wrote:
>> The root user will still be able to read files if the user is logged
>> because the private folder will be mounted.
> Hi Chris,
> That's very true. Thanks for pointing it out.
> Would an apparmor profile be able to prevent root from reading the
> un-encrypted files for those who want this?
> Though presumably that's not going to work as root could just modify
> the policy to give them access.
I know that one of the requirements for SELinux was to be able to make
certain files unreadable by root. Maybe this could be used?
More information about the ubuntu-uk