Difference between revisions of "Requests for Enhancements"


From Knoppix Documentation Wiki
Jump to: navigation, search
 
(Replaced content with "{{delete|outdated}} ~~~~")
 
(25 intermediate revisions by 19 users not shown)
Line 1: Line 1:
== Mutiple Logins in Knoppix ==
+
{{delete|outdated}} [[User:WPSchulz|WPSchulz]] ([[User talk:WPSchulz|talk]]) 19:08, 11 April 2016 (EDT)
 
+
I recently had an idea for non-server type computers. This would be
+
implementable on Knoppix, but could be applied to any distribution.
+
 
+
Right now, "knoppix home=scan" will scan media for a knoppix.img file.
+
 
+
<newidea>
+
 
+
It would be cool if the system looked for all files called
+
"home-*.img". For example, I might have a home-hal.img file which
+
would be an encrypted filesystem containg the user hal's home
+
directory.
+
 
+
Suppose it found two files: home-hal.img and home-dave.img. Then the
+
login screen would show four user options: default, hal, dave, and
+
new. Default would create a home directory in the ramdisk using the
+
default settings, just like Knoppix does now.
+
 
+
If I chose hal, it would ask for a passphrase. If that passphrase
+
works on the encrypted home directory, then it would add hal to
+
/etc/passwd, mount the encrypted filesystem at /home/hal, and log me
+
in.
+
 
+
The "new" option would create a new user and a new encrypted home
+
directory on whatever media is chosen.
+
 
+
</newidea>
+
 
+
The advantages are:
+
 
+
# One is not limited to the "knoppix" user.
+
# There can be mutliple home-directory images for multiple users on the same hard drive.
+
# This encourages use of encryption for security.
+
# It seems more natural security model.  In the old model of enforcing security, the kernel is expected to respect /etc/passwd and home-directory permissions.  User A could always use a live-cd to read User B's private files, even if User B had set the permissions on those files to keep them private.
+
 
+
This idea needs work. But I think it has some promise.
+
 
+
----
+

Latest revision as of 23:08, 11 April 2016

Template:Delete WPSchulz (talk) 19:08, 11 April 2016 (EDT)