F8devel - Review HAL policy about hiding partitions

Rahul Sundaram sundaram at fedoraproject.org
Sun Jun 17 07:40:23 UTC 2007


Richard Hughes wrote:
> On Sun, 2007-06-17 at 07:34 +0530, Rahul Sundaram wrote:
>> Richard Hughes wrote:
>>> On Sat, 2007-06-16 at 10:14 -0700, Otto Rey wrote:
>>>> Why we continue hiding partitions with HAL policy
>>>> (/usr/share/hal/fdi/policy/10osvendor/99-redhat-storage-policy-fixed-drives.fdi)??
>>> My policy has always been that if a user is able to boot a system with a
>>> live-cd then all security is void.
>> Wouldn't filesystem encryption make this not quite true?
> 
> To a degree, yes, but I think I can count all the fedora users of
> encrypted root on one hand... :-)

Really? I would guess it would be more than that. We include more than 
one method for doing this including dm-crypt and encfs.

Hopefully this feature gets into Fedora 8

http://fedoraproject.org/wiki/Releases/FeatureEncryptedFilesystems

Rahul






More information about the fedora-devel-list mailing list