Hi! > > Given your point about security, wouldn't it be nice if there were yet > > another flag to indicate that encrypted partitions should just be > > turned off on suspend? > > > > This is more useful than it sounds -- not all partitions are mounted all > > the time. It might actually be convenient if you don't want to > > accidentally leave a partition accessible when you walk away from a > > machine and forget to losetup -d, or whatever. > > Like Sean Neakums pointed out in earlier post to linux-crypto list, just > forcing unmount or losetup -d is not really an option. Maybe just checking > for encrypted loops in userspace _before_ starting suspend is a better > solution. Something like this: Agreed. Decision if keys should go to disk is user decision (btw they *do* go to disk if BIOS is used to suspend-to-disk; some notebooks do s-t-d automagially on battery fail), so it has to be userspace. Pavel -- Philips Velo 1: 1"x4"x8", 300gram, 60, 12MB, 40bogomips, linux, mutt, details at http://atrey.karlin.mff.cuni.cz/~pavel/velo/index.html. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
