Encrypted home directory

Mail Lists lists at sapience.com
Sun Dec 21 20:31:34 UTC 2008


On 12/21/2008 03:15 PM, Richard W.M. Jones wrote:

> The other reason to _not_ encrypt the system directories is so that
> system files can be easily mmapped into memory.  And after all, there
> is no secret in the system files.


  Remember also /tmp, /var/tmp and swap - where many a lovely secret can
be found!

  I encrypt /home and /swap and I bind mount /tmp and /var/tmp from
/home/tmp and /home/var/tmp for completeness. If you run certain
services you may want to bind mount /var out of the encrypted partition
as well.


 best,

   gene/
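
An added example, not part of the original post: a small audit that checks whether /tmp, /var/tmp and swap end up on dm-crypt mappings, comparing an unhardened fstab with the bind-mount layout described in the message above. The sample crypttab and fstab contents, the /dev/sda* device names and the function names are all constructed assumptions, and the check assumes fstab refers to encrypted volumes as /dev/mapper/<name>.

```python
# Constructed sample files; device names (/dev/sda*) are assumptions.
CRYPTTAB = """\
home  /dev/sda2  none          luks
swap  /dev/sda3  /dev/urandom  swap
"""
FSTAB_PLAIN = """\
/dev/sda1         /      ext3  defaults  1 1
/dev/mapper/home  /home  ext3  defaults  1 2
/dev/sda3         swap   swap  defaults  0 0
"""
FSTAB_POST = """\
/dev/sda1         /         ext3  defaults  1 1
/dev/mapper/home  /home     ext3  defaults  1 2
/dev/mapper/swap  swap      swap  defaults  0 0
/home/tmp         /tmp      none  bind      0 0
/home/var/tmp     /var/tmp  none  bind      0 0
"""
SENSITIVE = ("/tmp", "/var/tmp")

def rows(text):
    """Split a table file into fields, skipping blanks and comments."""
    return [l.split() for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]

def backing(path, mounts, depth=0):
    """Device behind `path`, following bind mounts to their source filesystem."""
    covering = [m for m in mounts
                if path == m or path.startswith(m.rstrip("/") + "/")]
    if not covering or depth > 8:      # no root entry, or a bind loop
        return None
    best = max(covering, key=len)      # longest matching mount point wins
    source, options = mounts[best]
    if "bind" in options.split(","):
        return backing(source + path[len(best):], mounts, depth + 1)
    return source

def audit(fstab, crypttab):
    """Map each sensitive path and swap device to True if dm-crypt backed."""
    encrypted = {"/dev/mapper/" + r[0] for r in rows(crypttab)}
    entries = rows(fstab)
    mounts = {r[1]: (r[0], r[3]) for r in entries if r[2] != "swap"}
    result = {p: backing(p, mounts) in encrypted for p in SENSITIVE}
    for r in entries:
        if r[2] == "swap":
            result["swap " + r[0]] = r[0] in encrypted
    return result

if __name__ == "__main__":
    for name, fstab in (("plain", FSTAB_PLAIN), ("as in the post", FSTAB_POST)):
        print(name, audit(fstab, CRYPTTAB))
```

With the plain layout every entry reports False, because /tmp and /var/tmp fall through to the unencrypted root filesystem and swap is a raw partition; with the bind-mount layout all three report True.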




More information about the fedora-devel-list mailing list