Isn't it time for the encrypted file system???
seth vidal
skvidal at linux.duke.edu
Fri Mar 24 18:28:42 UTC 2006
On Thu, 2006-03-23 at 22:50 -0800, Panu Matilainen wrote:
> We have a corporate policy requiring encryption of the *entire* disk
> (obviously /boot is an exception), not just /home. It may be a bit
> extreme but if you start encrypting stuff, /tmp, /var and swap are an
> absolute must to cover as well, otherwise you'll be leaking company
> secrets you viewed as mail attachmets to unencrypted /tmp etc.
>
> Oh btw, obviously there is a performance hit to encrypting everything but
> it's nowhere near as bad as one would think, in fact is almost
> unnoticeable on normal use. Sure, when running a fully encrypted system
> and testing another installation inside VMware which is also encrypting
> the disk it things start to get <cough> a little <cough> sluggish ;)
>
> Anyway, it would be very very nice to finally have fs encryption directly
> supported in FC.
Just so there's no confusion:
I'm all for it being supported. I'm just not for it being the default.
-sv
More information about the Fedora-maintainers
mailing list