| 1 |
On Tue, 04 Sep 2012 22:45:07 +0200, Florian Philipp wrote: |
| 2 |
|
| 3 |
> >> I just have to make sure to leave nothing private on root, /usr |
| 4 |
> >> or /etc. |
| 5 |
> > |
| 6 |
> > Like your passwd and shadow files? |
| 7 |
|
| 8 |
> *g*, good point. However, I'm willing to take the risk on just these |
| 9 |
> two: passwd doesn't contain anything of considerable interest. shadow |
| 10 |
> contains exactly two passwords, both as sha256-sums (or similar, did not |
| 11 |
> really check). The passwords themselves are in excess of 90 bit entropy, |
| 12 |
> depending on how you estimate it. |
| 13 |
> |
| 14 |
> Most of the rest which might be of interest and is usually in /etc can |
| 15 |
> be symlinked there from a safe location in /var. |
| 16 |
|
| 17 |
I used to do that, but as the number of sensitive directories grew - |
| 18 |
samba, wicd, etc. - I decided it was less hassle to set up an encrypted / |
| 19 |
and forget about it. |
| 20 |
|
| 21 |
|
| 22 |
-- |
| 23 |
Neil Bothwick |
| 24 |
|
| 25 |
When you go to court you are putting yourself in the hands of 12 people |
| 26 |
that were not smart enough to get out of jury duty. |
Archives