On Wednesday, December 4, 2019 4:40:14 PM MST Marius Schwarz wrote: > Am 04.12.19 um 02:02 schrieb Chris Murphy: > > > Anaconda custom partitioning has a per mount point encryption option. > > I can LUKS encrypt only the volume mounted at /home. And if I do this, > > If you do this, someone can manipulate your system to trojan horse your > passwords, > when he has physical access to it. > > Full-Diskencryption ( /boot included ) is the only way to protect the > system itself. > Anything else is simply not secure. > > best regards, > Marius Agreed. One of the most common solutions to this is coreboot with a GRUB payload. -- John M. Harris, Jr. Splentity _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
