On Sun, Dec 21, 2008 at 09:46:30PM +0100, Ralf Ertzinger wrote:
Hi.
On Sun, 21 Dec 2008 20:15:23 +0000, Richard W.M. Jones wrote
> The other reason to _not_ encrypt the system directories is so that
> system files can be easily mmapped into memory.
How would encrypting the system directories prevent you from doing that?
Yes, I'm wrong about this. I thought the ESSIV scheme used made it so
that you couldn't just decrypt an arbitrary block (without decrypting
previous blocks), but that's not actually the case.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat
http://et.redhat.com/~rjones
Read my OCaml programming blog:
http://camltastic.blogspot.com/
Fedora now supports 68 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora