On 10/25/2011 09:33 AM, Michal Hlavinka wrote:
On 10/25/2011 09:30 AM, Harald Hoyer wrote:
> On 10/25/2011 09:15 AM, Harald Hoyer wrote:
>> It's not only an aesthetic issue. This enables possibilities,
>> which were not doable before.
...
> - mount rootfs encrypted
> - mount /usr not encrypted (no secrets here)
this is already possible, I use this setup for a long time.
Does not seem to make any sense to me, unless you verify that no one has
messed with your binaries/libraries in /usr.
Christoph.