On 2020-02-24 10:51, lejeczek via CentOS wrote:> g) remember!! still at least (depending how you mount it) > the 'root' will have access to that data while mounted, > obviously!More than that: the root user will be able to access data in the future too, since it can steal the key while the data is mounted. Regards. -- Roberto Ragusa mail at robertoragusa.it
On 24/02/2020 10:26, Roberto Ragusa wrote:> On 2020-02-24 10:51, lejeczek via CentOS wrote: >> g) remember!! still at least (depending how you mount it) >> the 'root' will have access to that data while mounted, >> obviously! > > More than that: the root user will be able to access data > in the future too, since it can steal the key > while the data is mounted. > > Regards. >With a passphare only?
On 2020-02-24 14:37, lejeczek via CentOS wrote:> > > On 24/02/2020 10:26, Roberto Ragusa wrote: >> On 2020-02-24 10:51, lejeczek via CentOS wrote: >>> g) remember!! still at least (depending how you mount it) >>> the 'root' will have access to that data while mounted, >>> obviously! >> >> More than that: the root user will be able to access data >> in the future too, since it can steal the key >> while the data is mounted. >> >> Regards. >> > With a passphare only?Attackers don't need the passphrase, they can use the real key used for encryption (dmsetup table). Regards. -- Roberto Ragusa mail at robertoragusa.it