On 12/18/2007 16:02 PM, "Kyle Sluder" <email@hidden>
wrote:
>> Now for the real content:
>> Is there really anything that gets put into /Library/Caches that is
>> not general information? I do ask this as a serious question. Looking
>> at my system there is nothing there that I can think would require
>> reporting from a privacy standpoint if it were compromised. It is all
>> plugin data, an nothing from QuickLook is there, and that is the only
>> one that I can think might expose private data. Can anyone come up
>> with an example where this would require reporting?
>
> Anything may wind up in any Library cache, which is why it's chmod
> 01777. Xcode has put its precompiled headers there in a directory
> owned by me, instead of just putting it in ~/Library/Caches. If I put
> trade secrets, passwords or other sensitive data in header files, I'd
> be very concerned.
The other issue is the ignorance of what has value. The obvious answer is
"user files". Well, yes. That's true. FV does a decent job of protecting
that.
However, as a sysadmin, I *have* to look beyond that. The amount of data I
get for free in /var is considerable, and, if someone forgot about Virtual
Memory file encryption, I get everything. Even without that, /var is a
treasure *trove*. Combine that with /Library, and I can, even *completely
ignoring* user data, get real, useful, important intelligence on a network.
I am not say FV is useless, but the idea that somehow, no user-created temp
data lives outside of ~/ or /tmp is not only incorrect, but *dangerous*.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
