David Zeuthen wrote:
(btw, for FC6 and GNOME 2.16 I hope to have a very simple formatting /
partitioning tool for drives which will include setting up LUKS
partitions - and it won't do silly things like requiring the root
password (in the default install; will be configurable) for at least
removable and hotpluggable media. Of course I can't promise to have this
done for FC6 as I presently do most of this in my spare time...)
Is there any chance that we can come up with something that doesn't
require something that's block-level and requires repartitioning? The
migration path pretty much sucks if we don't try for something else.
Hmm. Can we do something like this when someone sets up an encrypted
home directory:
o Identify all the files that descend from that user's home directory
o Identify all the blocks that are associated with those files
o Encrypt those blocks
The trick here is that every file below that tree also has to be
encrypted over time. Maybe we could use some interesting mix of xattrs
and kernel hooks when you open one of the xattributed files? Doesn't
selinux have some hooks like this? (Everything below this directory has
policy X...)
--Chris
