Using Python To Create An Encrypted Container
Heiko Wundram
me+python at modelnine.org
Sun Apr 16 15:50:34 EDT 2006
Am Sonntag 16 April 2006 19:11 schrieb Michael Sperlle:
> The only other thing I can think of is making it non-readable for anyone
> except root, but have the feeling that's not too secure.
Huh? If you don't trust your operating system to correctly validate
file-permissions for you (on a server, on a client system which can be booted
by others than you or from which the physical harddisk can be extracted the
security implications are completely different), you're in absolutely no
position to even want encryption, because any malicious user can replace your
encryption code with code of his own, so that it's easily breakable by him.
Of course there are temporary local priviledge escalations (in some
applications, or even in the kernel of your operating system), but if you
rely on the operating system to keep your encryption code secure, you might
as well rely on the operating system to keep your data secure, because that's
basically the same thing.
--- Heiko.
More information about the Python-list
mailing list