[openssl-users] Regarding the security of the keys
akihana at gmail.com
Wed Jul 22 04:09:01 UTC 2015
Actually that isn't quite right. A properly configured and tuned RBAC
when combined with PaX <https://en.wikipedia.org/wiki/Grsecurity#PaX>, can
very effectively limit all userspace activity (including root access!). It
helps if you can also use a hardware security module
<https://en.wikipedia.org/wiki/Hardware_security_module> to protect your
On Tue, Jul 21, 2015 at 1:48 AM, Salz, Rich <rsalz at akamai.com> wrote:
> > If some one build their own openssl and add few lines to print the keys
> during encrypt and decrypt and put in the library in the LD_LIBRARY_PATH,
> may result in compromising the security of the keys.
> Can anyone other than root do this? You have to trust root. They could
> just cat your keyfile anyway.
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users