F8devel - Review HAL policy about hiding partitions
Richard Hughes
hughsient at gmail.com
Sun Jun 17 08:59:22 UTC 2007
On Sun, 2007-06-17 at 13:10 +0530, Rahul Sundaram wrote:
> Richard Hughes wrote:
> > On Sun, 2007-06-17 at 07:34 +0530, Rahul Sundaram wrote:
> >> Richard Hughes wrote:
> >>> On Sat, 2007-06-16 at 10:14 -0700, Otto Rey wrote:
> >>>> Why we continue hiding partitions with HAL policy
> >>>> (/usr/share/hal/fdi/policy/10osvendor/99-redhat-storage-policy-fixed-drives.fdi)??
> >>> My policy has always been that if a user is able to boot a system with a
> >>> live-cd then all security is void.
> >> Wouldn't filesystem encryption make this not quite true?
> >
> > To a degree, yes, but I think I can count all the fedora users of
> > encrypted root on one hand... :-)
>
> Really? I would guess it would be more than that. We include more than
> one method for doing this including dm-crypt and encfs.
Totally, but until we include a little ticky box in anaconda that number
will be still sub-0.01 percent. I'm not l33t enough to setup root
encryption with working suspend/resume, so the average newbie has no
chance.
Richard,
More information about the fedora-devel-list
mailing list