[imp] secure IMP connections

arijit das arijitda@netscape.net
Tue, 20 Mar 2001 14:15:12 -0500


imp@lists.horde.org wrote:
>

> If you don't trust root, your data cannot be safe. (The data has to be
> read, right? So root can see it in memory. Or root can replace the
> program or library that does the encryption with one with a
> backdoor. And so on.)
> 
>   -Rich
> 


I see what you are telling here, given this logic, root can
see the UNIX password (encrypted) of any user, since it will
get access to it in memory eventually.


--
===
arijit das
http://www.a136das.com

__________________________________________________________________
Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/