Musings about on-disk encryption in Fedora Core

[Leonard den Ottolander]

Hi Mike,

> If my system password is not unknown to others then my encryption  
> password is probably no good either.  I think root has to be trusted in  
> most cases.

There might be reasons you allow someone to use your account but don't
want that person to read your sensitive data. The root user is another
strong reason to separate authentication for the mounting of encrypted
file systems/directories. And the general rule of lines of defence
applies.

Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research