Re: FC7 plan comments

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2006-12-20 at 16:23 -0500, Jeremy Katz wrote:
> On Wed, 2006-12-20 at 22:20 +0100, Ralf Ertzinger wrote:
> > I'd be happy for working dm-crypt support. The kernel bits work, but I
> > can neither install (sanely) on such a device, and initrd support (for
> > encrypted /) seems to be missing, too.
> 
> The problem is that how do you handle this in the initrd?  You want to
> be able to prompt a user (in their native language) as well as support
> their native keymap.  This could very easily require an X server and a
> lot of fonts and other bits.  At which point, exactly what are you
> trying to accomplish?
> 
> Encrypting data?  Very interesting.
> Encrypting the OS bits that anyone can download?  Much less interesting,
> IMHO

At least an encrypted swap is a requirement so sensitive data are not
left unencrypted on disk. /tmp and some /var subdirs are also
questionable.

The swap could be enabled after boot is finished when X server is
running. /tmp and /var could be a tougher problem.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers

--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly

[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux