On 12/21/2008 03:15 PM, Richard W.M. Jones wrote: > The other reason to _not_ encrypt the system directories is so that > system files can be easily mmapped into memory. And after all, there > is no secret in the system files. Remember also /tmp, /var/tmp and swap - where much a lovely secret can be found! I encrypt /home and /swap and I bind mount /tmp and /var/tmp from /home/tmp and /home/var/tmp for completeness. If you run certain services you may want to bind mount /var out of the encrypted partition as well. best, gene/ -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
