Encrypted home directory
Bruno Wolff III
bruno at wolff.to
Tue Dec 23 08:45:18 UTC 2008
On Tue, Dec 23, 2008 at 10:30:31 +0200,
Nikolay Vladimirov <nikolay at vladimiroff.com> wrote:
>
> Ok. I'm not really sure about this but I think that full disk
> encryption on a software level
> with a key storng enough will bring some performance loss. And some
> people just want
> some confidential files to be encrypted.
The performance loss is minimal. Even if you want just some files protected,
you are better off encrypting everything so that caches, swap, and other
copies unintentionally left around aren't left unencrypted.
This is already working well. It doesn't make sense to waste effort to
implement another way to do the same thing less well. Unless there is some
other use case that is better covered by encrypting just some directories,
I think Fedora shouldn't waste scarce resources doing this. If some group
wants to spend their own resources on the implementation, using only enough
of Fedora's time to make sure they are doing things in a way that will
eventually be accepted, then they should feel free to do so.
More information about the fedora-devel-list
mailing list