1 |
On Tue, 04 Sep 2012 22:45:07 +0200, Florian Philipp wrote: |
2 |
|
3 |
> >> I just have to make sure to leave nothing private on root, /usr |
4 |
> >> or /etc. |
5 |
> > |
6 |
> > Like your passwd and shadow files? |
7 |
|
8 |
> *g*, good point. However, I'm willing to take the risk on just these |
9 |
> two: passwd doesn't contain anything of considerable interest. shadow |
10 |
> contains exactly two passwords, both as sha256-sums (or similar, did not |
11 |
> really check). The passwords themselves are in excess of 90 bit entropy, |
12 |
> depending on how you estimate it. |
13 |
> |
14 |
> Most of the rest which might be of interest and is usually in /etc can |
15 |
> be symlinked there from a safe location in /var. |
16 |
|
17 |
I used to do that, but as the number of sensitive directories grew - |
18 |
samba, wicd, etc. - I decided it was less hassle to set up an encrypted / |
19 |
and forget about it. |
20 |
|
21 |
|
22 |
-- |
23 |
Neil Bothwick |
24 |
|
25 |
When you go to court you are putting yourself in the hands of 12 people |
26 |
that were not smart enough to get out of jury duty. |