[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Vrs-development] Re: [DotGNU]VRS architecture docs
From: |
Bill Lance |
Subject: |
Re: [Vrs-development] Re: [DotGNU]VRS architecture docs |
Date: |
Tue, 12 Feb 2002 06:09:41 -0800 (PST) |
--- Chris Smith <address@hidden> wrote:
>
>
> The problem with all encryption schemes is that
> certificates/keys need to be
> stored on the machine somewhere. Even in memory
> they're vunerable - a single
> core dump can ruin the security of an entire system,
> and you've got to get
> them into memory every time the system starts...
> which is usually from disk!
>
> I think it's going to boil down to 'if you give root
> away, resign and move to
> Alaska'.
>
In the end, this may be our biggest problem, the
untrusted node. Protecting a host from outide attack
is one matter. It's when the owner of a node host
carries out an attack from full root privilages that
we have serious problems.
__________________________________________________
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
[Vrs-development] Re: [DotGNU]VRS architecture docs, Bill Lance, 2002/02/12