Encrypted home directory
Richard W.M. Jones
rjones at redhat.com
Mon Dec 22 10:11:33 UTC 2008
On Sun, Dec 21, 2008 at 09:46:30PM +0100, Ralf Ertzinger wrote:
> Hi.
>
> On Sun, 21 Dec 2008 20:15:23 +0000, Richard W.M. Jones wrote
>
> > The other reason to _not_ encrypt the system directories is so that
> > system files can be easily mmapped into memory.
>
> How would encrypting the system directories prevent you from doing that?
Yes, I'm wrong about this. I thought the ESSIV scheme used made it so
that you couldn't just decrypt an arbitrary block (without decrypting
previous blocks), but that's not actually the case.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
Read my OCaml programming blog: http://camltastic.blogspot.com/
Fedora now supports 68 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora
More information about the fedora-devel-list
mailing list