I got a good security one more ya.

Matthew R. Dempsky mrd at alkemio.org
Fri Mar 31 07:06:42 UTC 2006


On Fri, Mar 31, 2006 at 12:29:34AM -0600, Gromitigo wrote:
> Ok.  If I have files saved as a user, and someone takes my hard drive
> out, puts it in another machine, mounts it...could they read that file
> if they we're root?  What about if I write the files as root?

They could read it fine.

Similarly, if you were to tar or zip up a directory containing files 
with restricted read permissions (e.g. a backup of your home directory 
including gpg or ssh keys), anyone with access to your tar/zip file can 
easily read the relevant files.

As was said in another post, if someone swiping your hard drive is a 
risk you need to account for, you should look into encrypting your hard 
drive.  These issues are non-trivial, however; dm-crypt, for example, 
has (had?) a timing weakness that allows any user to recover the AES key 
in a mere 65 *milliseconds*. [1]

You should also realize that if someone has physical access to your 
machine, there are quicker ways to access your data than removing the 
hard drive: they could simply boot a Live CD or append init=/bin/sh to 
your bootloader's boot string.  (These can be locked down if you're that 
concerned, however.)

[1] http://www.wisdom.weizmann.ac.il/~tromer/papers/cache.pdf




More information about the ubuntu-users mailing list