Phil H@Fri, Jun 02, 2006 at 02:57:06AM -0700: > Applications can write data of one sort or another to /tmp and > configuration files and so on to /etc (and of course swap), or > perhaps (clandestinely or not) to some other place that you don't Encrypting the whole filesystem makes your binaries tamperproof. As mentioned in the mail quoted above, applications may do stuff you don't expect, and they may have even been maliciously changed so that they e.g. mail the important parts of your homedirectory to someone. All you need to do is to tamper with a programme, preferably daemon that runs as root. As soon as you mount your encrypted /home, it has full access and can do remote backups of any kind. There goes your privacy. greetings. Maxim - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/