On Wed, Dec 4, 2019 at 4:59 PM John M. Harris Jr <johnmh@xxxxxxxxxxxxx> wrote: > > On Wednesday, December 4, 2019 12:00:06 PM MST Chris Murphy wrote: > > Other alternatives: > > a. At least on ext4, you can today selectively encrypt directories and > > files, so you could have an non-encrypted ~/ by default, and choose > > what directories to encrypt. There's no GUI assistance for this yet > > that I'm aware of. > > b. If you can clearly compartmentalize our use cases, you can have two > > accounts, one is encrypted and other not. > > > > I think the later two put a lot of burden on the user to figure out > > and manage. I'm not sure there's a way for GNOME or systemd-homed to > > directly support such use cases, but I also don't expect it would > > stand in the way of user implementation of such a scheme. > > "Alternative" B is a complete cop-out. It's essentially ignoring the fault > entirely, and blaming the using for wanting to do something the traditional > way. > > That is a workaround, not a solution. It's a fair criticism, but it's also not a solution I'm advocating as a default behavior either. You know what is a work around and not a solution and is default? ~/ isn't encrypted. And the two install time options insist on restricted character sets for the passphrase, the user must not change their keyboard layout, or their keyboard to one with a different keymapping - lest they experience data loss. The traditional way is unquestionably hostile to international users, and doing better, however untraditional, is absolutely something I strongly favor. -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx