On Mon, Dec 9, 2019 at 6:33 PM John M. Harris Jr <johnmh@xxxxxxxxxxxxx> wrote: > > On Monday, December 9, 2019 1:42:01 PM MST Chris Murphy wrote: > > I'm not sure how people are worried about trojans being injected into > > an unencrypted root, while also not at all concerned about bootloader > > malware, or malware injected into the initramfs or the hibernation > > image - which upon resume replaces everything in RAM in favor of > > what's in the image. > > Because, as we've explained, that cannot be done when those are stored on > encrypted partitions. The installer doesn't support such a configuration. No portion of the bootloader nor the boot volume, can be encrypted. While the hibernation image could be encrypted, it's not by default. So where's your pre-existing complaint and feature request that this should have been enabled by default a long time ago? Why are you only complaining about things when people have a proposal that doesn't align with what you want, almost as if you just want to argue for the sake of arguing? What's on the table in the near future is encrypting ~/ by default. And somehow because that's not good enough, in your view, you want to shitcan encrypting ~/ at all, while waiting for a perfect solution? How is that even remotely logical? -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
