Encrypted home directory
Bruno Wolff III
bruno at wolff.to
Tue Dec 23 08:13:30 UTC 2008
On Tue, Dec 23, 2008 at 10:09:13 +0200,
Nikolay Vladimirov <nikolay at vladimiroff.com> wrote:
> 2008/12/23 Bruno Wolff III <bruno at wolff.to>:
> > On Mon, Dec 22, 2008 at 18:48:47 +0200,
> > Nikolay Vladimirov <nikolay at vladimiroff.com> wrote:
> >>
> >> It's good to have an option to do both encrypted home and dedicated
> >> encrypted dir in home.
> >
> > What threat are you trying to counter by having a separate encrypted
> > directory in your home directory? I would expect selinux to be a better
> > solution for the kind of problem one might try to solve with an encrypted
> > directory in their home directory.
> >
>
> No, because selinux is useless if someone has physical access to my computer.
> Booting another os(think live cds) or just doing "single selinux=0".
That's what full disk (well really partition) encryption is for and which
already works nicely. Being able to encrypt just some directories is an
inferior solution to that problem.
More information about the fedora-devel-list
mailing list