On Thu, 22 May 2003, Andrew Edelstein wrote:
On Thu, May 22, 2003 at 12:24:02AM -0700, Professional Software Engineering
wrote:
That would be the same root account which can't simply tweak the alias on
your account and make a copy of all your incoming mail?
Or are you talking about the root account which can't simply disable the
procmailrc file, causing newly arriving mail to not be encrypted?
Or perhaps you mean the root account which can't monitor your shell session
for your private key?
No, I think he means the other root account, the one that can simply read his
.procmailrc file to harvest his passphrase.
I have to differ on this one. All the root will get is the public
key, which would not allow him to read the mail.
I'm not sure that his desire is useful, there are a number of
root exploits mentioned here, but root would not be able to read the
already encrypted mail.
My guess is that the user has concerns not about root, but about
someone with access to root who misuses this, i.e. one of the sysops is
whacked, and encrypting their inbox at least makes it harder.
Reading an unencrypted mailbox as root is trivial, but setting up
a sniffer would involve mucking about with the system.
--
Matthew Saroff
"A modern conservative is engaged in one of man's oldest exercises in
moral philosophy; that is, the search for a superior moral justification
for selfishness." -- John Kenneth Galbraith
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail