On Mon, 3 Jul 2017 00:42:52 +0200, Alessandro wrote in message <20170703004252.748a9c7f@ayu>:
> Il giorno Wed, 28 Jun 2017 19:38:11 +0200 > Didier Kryn <k...@in2p3.fr> ha scritto: > > > Le 28/06/2017 à 15:40, Stephan Seitz a écrit : > > > And today you should always encrypt your discs. > > > > I don't see any reason to encrypt /usr. You might like to > > encrypt /etc because it contains user names and (already encrypted) > > passwords. But definitely there is no reason to encrypt everything. > > Valid reasons to encrypt /usr include: > > 1) /usr resides on the same partition as / and/or /home (trivial > case); 2) protecting its files from being tampered with when the > device is offline; > 3) making harder to someone who can access your > offline HD understand which partition is /, or /usr or /home, so that > the attacker will have to try to decrypt them all; > 4) you put stuff in /usr/local that might contain > keys/passwords/sensitive information that would better be kept > protected. ..if you wanna protect /usr/local, chop that off /usr and encrypt, mount etc them all as you damned please. -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
