|
|
10.4: Be aware of a FileVault security issue with Mail.app
Do you use filevault? I do. When a filevault user is logged in, one can ssh to the machine or otherwise login as another (admin) user and read (I believe write also via sudo) anything from the filevault user's home.
10.4: Be aware of a FileVault security issue with Mail.app
If a filevault user is logged in when the computer is stolen and power is cut off (or if it is stolen some time after sudden power loss while the user was logged in), the contents of their home folder will be inaccessible to the thief because of filevault. However, with sudden power loss, the tmp file will not have been deleted, and being outside of the filevault image, it will be freely accessible. This would only affect tmp files for attachments created during that session, but it's still an issue. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|