Subject: Re: encrypted filesystem
To: None <tech-misc@netbsd.org>
From: Mark Simmons <mds@gbnet.net>
List: tech-misc
Date: 09/03/2003 19:10:20

Well, I think you *could* protect data from root BUT you'd have to invest a
lot of time in extending encryption and protection into the VM system and
enable processes to transparently encrypt data in RAM such that only when
the processor loads operands they get decrypted and when it stores them
they're encrypted again.

Sounds like a hellish amount of work to do in software on conventional CPUs
but if you presupposed that this was a Good Thing(tm) you could spend money
and design processors with the necessary extra gubbins. The trick would be
creating a channel from users into the CPU that no privileged user could
possibly compromise for the transfer of cryptographic keys. Make a mistake
there and game over really.

Sounds to me like a few theses could be written around this one, and it's
healthily distinct from DRM where the technology isn't actually for the
user's benefit but is actually just for rights-holders.

--On 02 September 2003 16:45 -0400 "Perry E. Metzger" <perry@piermont.com>
wrote:
>
> Robert Connolly <ashes1978@videotron.ca> writes:
> > CGD isn't quite what I'm looking for. Files are not protected from root,
> > or anyone else while it's mounted. CGD is fine for swap though.
>
> How could you ever protect things from root? Given the way the rest of
> the system works, that's pretty much impossible.
>
> It makes some sense in a network file system to speak of protecting
> things from those without the proper credentials, but on a local
> machine, "protecting" things from root is impossible.
>
> .pm
--
-Mark ... an Englishman in London ...