Home page logo
/

basics logo Security Basics mailing list archives

Re: How to Test HDD Encryption
From: jfvanmeter () comcast net
Date: Wed, 14 Nov 2007 11:41:15 +0000

True,  on a correctly acl'ed systems
I've seen acls on file systems that gave full user access from root down, and windows systems that everyone had full 
rights too. I would rather protect my clients NPPI/PII/PCI information with file encrytion.

Just my two shiny centavos, and some days there not all that shiny --John

 -------------- Original message ----------------------
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
On 2007-11-13 jfvanmeter () comcast net wrote:
true, we can say the same for FDE, once the OS is mount, those file are
all open. 

So? Once the OS is running the kernel will enforce access controls to
all files and folders, thus maintaining its own integrity as well as the
confidentiality of the data. FDE will ensure the operating system's
integrity and the confidentiality of all files on the system while the
OS is not running and thus cannot enforce anything.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]