Quote:
Originally Posted by
dn888
The encrypt program can be run by any user to encrypt their files, its available on Solaris.
The example, I've ran above is under a non-root user.
I have assumed that you don't wish to type in a password every time you want to run that script, because 99.9% of the time, people don't.
If the script contains instructions for decrypting itself without a password, root can read it and decrypt it, because it literally contains step by step instructions for doing so.
Quote:
But Corona688 did say that "There are no methods to protect from root, at all." So I'd like to know how can root user know the encryption key to decrypt a users file.
I'm trying to understand how Corona688 came to that conclusion.
Root has full control of the machine. They can alter it to their needs. They can do things like subverting your profile, subverting system libraries, altering your environment, setting up full system traces on platforms which support it, and even doing minor alterations to the kernel. They could trace you typing in your password if they really, really want to, or (much more easily) fake you into typing the password into something else.
I won't go into more details, as I'm not in the business of making malicious hacks. But you cannot defend from root.