Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'FileVault Lite' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
FileVault Lite
Authored by: mantrid on Oct 03, '07 09:38:19AM

Also, as the hint stands, on a multi-user machine, other users might suddenly be pleased to find a bonanza of your sensitive files appearing in "/Volumes", where disk images, which already have default permissions with read access for everyone, are mounted by default with "Ignore ownership" checked.

A step 1b and 1c could be added to take care of that, but the security conscious might also have reservations about having a disk image of sensitive files unnecessarily mounted during the entire time the user is logged in, or with the password added to the login keychain. By default, encrypted disk image passwords appear to be added to the keychain in a way that allows someone with momentary access to the machine to obtain the actual disk image password.



[ Reply to This | # ]
FileVault Lite
Authored by: mantrid on Oct 03, '07 09:41:26AM

Sorry, in the last sentence, I meant momentary access to the user's account, not "momentary access to the machine".



[ Reply to This | # ]